1. Is there a way to, while using a migration to add attributes to a model, automatically add the attribute to the strong parameter list?
No. They would only be added automatically for you in case you generate scaffold.
2. Is there a way to disable the strong parameter white list in development mode?
No. You cannot disable it. And it's a good thing, you really don't want to do that. It is beneficial to fight against mass assignment vulnerabilities.
3. Could it be disabled while logged in into an admin?
No. Read my comments on #2.
4. (IMPORTANT) Could I, at least, make the app crash if I try to alter an attribute that is not in the whitelist? So I get reminded to add it? Pretty much the way attr_accessible used to work.
You most definitely get a warning, Unpermitted parameters: blah_blah
in the logs when you pass a field blah_blah
from form and have not whitelisted it in controller.
You can even check the queries generated while creating/ updating records for the create
and update
actions respectively to see which fields were actually saved in the database and which ones were missed.
The logs would be available on the terminal where you are running rails server
. You can find them in environment specific log files placed in application_folder/log
directory. So, if you are in development
you can check development.rb
in the log
directory.