Rubocop: Cop Suggestion: warn against usage of `update_attribute` in Rails
The update_attribute method skips validations and will save the object to database regardless of its validity.
These methods should be used with caution.
Prefer this:
user.update_attributes(email: '[email protected]')
over:
user.update_attribute(email: '[email protected]')
Bugs resulting from this can be hard to identify, and I cannot see a valid use-case for updating a model attribute without validation.
Is this a reasonable candidate for inclusion as a Rails-specific cop in RuboCop?
rahulcs
All 2 comments
Not just update_attribute, I think we should we warn against all of those methods which skip validations. Even save(validate: false).
Is this a reasonable candidate for inclusion as a Rails-specific cop in RuboCop?
Sounds like a pretty reasonable candidate 馃憤 Let's see what others have to say.
tejasbubane
on 30 Nov 2016
Not just
update_attribute, I think we should we warn against all of those methods which skip validations. Evensave(validate: false).
I agree that we should warn against all of the methods that skip validations. I don't think that we should warn against save(validate: false) because someone has to explicitly say that they do not want validations. The other ActiveRecord methods are most likely used by mistake.
rrosenblum
on 13 Dec 2016
Related issues
Ana06
路
3Comments
ecbrodie
路
3Comments
millisami
路
3Comments
Aqualon
路
3Comments
bbatsov
路
3Comments
Most helpful comment
I agree that we should warn against all of the methods that skip validations. I don't think that we should warn against
save(validate: false)because someone has to explicitly say that they do not want validations. The other ActiveRecord methods are most likely used by mistake.