app/models/content_type.rb
Mass assignment is not restricted using attr_accessible Open
Open
class ContentType < ActiveRecord::Base- Read upRead up
- Exclude checks
This warning comes up if a model does not limit what attributes can be set through mass assignment.
In particular, this check looks for attr_accessible inside model definitions. If it is not found, this warning will be issued.
Brakeman also warns on use of attr_protected - especially since it was found to be vulnerable to bypass. Warnings for mass assignment on models using attr_protected will be reported, but at a lower confidence level.
Note that disabling mass assignment globally will suppress these warnings.
TODO found Open
Open
# TODO: globalize stuff, uncomment later- Exclude checks
TODO found Open
Open
# TODO: humanized and humanized_plural should be capitalized, do as validation or programmatically- Exclude checks
TODO found Open
Open
# TODO: might want to reconsider using a subselect here- Exclude checks
Unused method argument - options. If it's necessary, use _ or _options as an argument name to indicate that it won't be used. You can also write as mapped_fields(*) if you want the method to accept any arguments but don't care about them. Open
Open
def mapped_fields(options = {})- Read upRead up
- Exclude checks
This cop checks for unused method arguments.
Example:
# bad
def some_method(used, unused, _unused_but_allowed)
puts used
endExample:
# good
def some_method(used, _unused, _unused_but_allowed)
puts used
end