Mass Assignment Testing
Learn to write tests for mass assignments, and how to test strong parameters.
Mass assignment testing
Mass assignment is a common Rails security issue, caused by Rails’s ability to save an arbitrary hash of attribute names and values to an instance by sending an entire hash as a parameter, as in new(params[:user]), create(params[:user]), or update_attributes(params[:user]). The security issue happens when somebody hacks a request and adds unexpected attributes to the incoming parameters, typically an ...