Change before_filter and remove attr_protected

2024-12-26 12:30:48 +00:00 · 2020-03-17 01:57:47 +02:00 · 2020-03-17 01:57:47 +02:00 · fa4fbb589d
commit fa4fbb589d
parent cca3a03f59
64 changed files with 76 additions and 69 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -4,8 +4,8 @@ class ApplicationController < ActionController::Base
  helper :all
  helper_method :cuser, :strip, :return_here

-  before_filter :update_user
-  before_filter :set_controller_and_action_names
+  before_action :update_user
+  before_action :set_controller_and_action_names

  protect_from_forgery
  respond_to :html, :js
--- a/app/controllers/articles_controller.rb
+++ b/app/controllers/articles_controller.rb
@ -1,5 +1,5 @@
 class ArticlesController < ApplicationController
-  before_filter :get_article, only: [:show, :edit, :update, :cleanup, :destroy]
+  before_action :get_article, only: [:show, :edit, :update, :cleanup, :destroy]

  def index
    @categories = Category.ordered.nospecial.domain Category::DOMAIN_ARTICLES
@ -39,7 +39,8 @@ class ArticlesController < ApplicationController
  end

  def create
-    @article = Article.new params[:article]
+    @article = Article.new article_params
+    ([:article])
    @article.user = cuser
    raise AccessError unless @article.can_create? cuser

@ -53,7 +54,7 @@ class ArticlesController < ApplicationController

  def update
    raise AccessError unless @article.can_update? cuser, params[:article]
-    if @article.update_attributes(params[:article])
+    if @article.update_attributes(article_params)
      flash[:notice] = t(:articles_update)
      redirect_to @article
    else
@ -79,4 +80,8 @@ class ArticlesController < ApplicationController
  def get_article
    @article = Article.find params[:id]
  end
+
+  def article_params
+    params.require(:article).permit(:tite, :status, :category_id, :text, :user_id)
+  end
 end
--- a/app/controllers/bans_controller.rb
+++ b/app/controllers/bans_controller.rb
@ -1,5 +1,5 @@
 class BansController < ApplicationController
-  before_filter :get_ban, only: [:show, :edit, :update, :destroy]
+  before_action :get_ban, only: [:show, :edit, :update, :destroy]

  def index
    @bans = Ban.ordered
@ -32,7 +32,7 @@ class BansController < ApplicationController

  def update
    raise AccessError unless @ban.can_update? cuser
-    if @ban.update_attributes(params[:ban])
+    if @ban.update_attributes(ban_params(ban_params))
      flash[:notice] = t(:bans_update)
      redirect_to(@ban)
    else
@ -51,4 +51,8 @@ class BansController < ApplicationController
  def get_ban
    @ban = Ban.find(params[:id])
  end
+
+  def ban_params
+    params.permit(:steamid, :user_id, :addr, :server_id, :expiry, :reason, :ban_type, :ip)
+  end
 end
--- a/app/controllers/brackets_controller.rb
+++ b/app/controllers/brackets_controller.rb
@ -1,5 +1,5 @@
 class BracketsController < ApplicationController
-  before_filter :get_bracket, only: [:show, :edit, :update, :destroy]
+  before_action :get_bracket, only: [:show, :edit, :update, :destroy]

  def edit
    raise AccessError unless @bracket.can_update? cuser
--- a/app/controllers/categories_controller.rb
+++ b/app/controllers/categories_controller.rb
@ -1,5 +1,5 @@
 class CategoriesController < ApplicationController
-  before_filter :get_category, except: [:index, :new, :create]
+  before_action :get_category, except: [:index, :new, :create]

  def show
    if [Category::DOMAIN_ARTICLES, Category::DOMAIN_NEWS].include? @category.domain
--- a/app/controllers/challenges_controller.rb
+++ b/app/controllers/challenges_controller.rb
@ -1,5 +1,5 @@
 class ChallengesController < ApplicationController
-  before_filter :get_challenge, only: [:show, :edit, :update, :destroy]
+  before_action :get_challenge, only: [:show, :edit, :update, :destroy]

  def index
    @challenges = Challenge.all
--- a/app/controllers/comments_controller.rb
+++ b/app/controllers/comments_controller.rb
@ -1,5 +1,5 @@
 class CommentsController < ApplicationController
-  before_filter :get_comment, only: [:raw, :quote, :edit, :update, :destroy]
+  before_action :get_comment, only: [:raw, :quote, :edit, :update, :destroy]
  respond_to :html, :js

  def index
--- a/app/controllers/contesters_controller.rb
+++ b/app/controllers/contesters_controller.rb
@ -1,5 +1,5 @@
 class ContestersController < ApplicationController
-  before_filter :get_contester, only: [:show, :edit, :update, :recover, :destroy, :recalc]
+  before_action :get_contester, only: [:show, :edit, :update, :recover, :destroy, :recalc]

  def show
    @matches = Match.future.unfinished.ordered.of_contester @contester
--- a/app/controllers/contests_controller.rb
+++ b/app/controllers/contests_controller.rb
@ -1,5 +1,5 @@
 class ContestsController < ApplicationController
-  before_filter :get_contest, only: [:show, :edit, :update, :destroy, :del_map, :scores, :recalc, :confirmed_matches]
+  before_action :get_contest, only: [:show, :edit, :update, :destroy, :del_map, :scores, :recalc, :confirmed_matches]

  def index
    # @contests = Contest.all
--- a/app/controllers/data_files_controller.rb
+++ b/app/controllers/data_files_controller.rb
@ -1,5 +1,5 @@
 class DataFilesController < ApplicationController
-  before_filter :get_file, only: [:show, :edit, :update, :destroy, :rate, :addFile, :delFile]
+  before_action :get_file, only: [:show, :edit, :update, :destroy, :rate, :addFile, :delFile]

  def show
  end
--- a/app/controllers/directories_controller.rb
+++ b/app/controllers/directories_controller.rb
@ -1,5 +1,5 @@
 class DirectoriesController < ApplicationController
-  before_filter :get_directory, except: [:new, :create]
+  before_action :get_directory, except: [:new, :create]

  def show
    if @directory.hidden
--- a/app/controllers/forums_controller.rb
+++ b/app/controllers/forums_controller.rb
@ -1,5 +1,5 @@
 class ForumsController < ApplicationController
-  before_filter :get_forum, only: [:show, :edit, :update, :up, :down, :destroy]
+  before_action :get_forum, only: [:show, :edit, :update, :up, :down, :destroy]
  layout 'forums'

  def index
--- a/app/controllers/gatherers_controller.rb
+++ b/app/controllers/gatherers_controller.rb
@ -1,5 +1,5 @@
 class GatherersController < ApplicationController
-  before_filter :get_gatherer, except: [:create]
+  before_action :get_gatherer, except: [:create]

  def create
    Gather.transaction do
--- a/app/controllers/gathers_controller.rb
+++ b/app/controllers/gathers_controller.rb
@ -1,5 +1,5 @@
 class GathersController < ApplicationController
-  before_filter :get_gather, except: [:latest, :index, :create]
+  before_action :get_gather, except: [:latest, :index, :create]
  respond_to :html, :js

  def index
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@ -1,5 +1,5 @@
 class GroupsController < ApplicationController
-  before_filter :get_group, except: [:index, :new, :create]
+  before_action :get_group, except: [:index, :new, :create]

  def index
    @groups = Group.all
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@ -1,5 +1,5 @@
 class IssuesController < ApplicationController
-  before_filter :get_issue, only: [:show, :edit, :update, :destroy]
+  before_action :get_issue, only: [:show, :edit, :update, :destroy]

  def index
    raise AccessError unless cuser and (cuser.admin? or cuser.moderator?)
--- a/app/controllers/maps_controller.rb
+++ b/app/controllers/maps_controller.rb
@ -1,5 +1,5 @@
 class MapsController < ApplicationController
-  before_filter :get_map, only: [:show, :edit, :update, :destroy]
+  before_action :get_map, only: [:show, :edit, :update, :destroy]

  def index
    @maps = Map.basic
--- a/app/controllers/match_proposals_controller.rb
+++ b/app/controllers/match_proposals_controller.rb
@ -1,5 +1,5 @@
 class MatchProposalsController < ApplicationController
-  before_filter :get_match
+  before_action :get_match
  def index
    raise AccessError unless cuser.admin? || @match.user_in_match?(cuser)
  end
--- a/app/controllers/matches_controller.rb
+++ b/app/controllers/matches_controller.rb
@ -1,5 +1,5 @@
 class MatchesController < ApplicationController
-  before_filter :get_match, except: [:index, :new, :create, :admin]
+  before_action :get_match, except: [:index, :new, :create, :admin]

  def index
    @matches = Match.active
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@ -1,5 +1,5 @@
 class MessagesController < ApplicationController
-  before_filter :get_message, only: [:show, :edit, :update, :destroy]
+  before_action :get_message, only: [:show, :edit, :update, :destroy]

  def index
    raise AccessError unless cuser
--- a/app/controllers/movies_controller.rb
+++ b/app/controllers/movies_controller.rb
@ -1,5 +1,5 @@
 class MoviesController < ApplicationController
-  before_filter :get_movie, except: [:index, :new, :create]
+  before_action :get_movie, except: [:index, :new, :create]

  def index
    @movies = Movie.filter_or_all(params[:filter], params[:order])
--- a/app/controllers/options_controller.rb
+++ b/app/controllers/options_controller.rb
@ -1,5 +1,5 @@
 class PollsController < ApplicationController
-  before_filter :get_poll, except: [:index, :new, :create]
+  before_action :get_poll, except: [:index, :new, :create]
  respond_to :js

  def add
--- a/app/controllers/polls_controller.rb
+++ b/app/controllers/polls_controller.rb
@ -1,5 +1,5 @@
 class PollsController < ApplicationController
-  before_filter :get_poll, except: [:index, :new, :create]
+  before_action :get_poll, except: [:index, :new, :create]

  def index
    @polls = Poll.all
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@ -1,5 +1,5 @@
 class PostsController < ApplicationController
-  before_filter :get_post, except: [:new, :create]
+  before_action :get_post, except: [:new, :create]
  respond_to :html, :js
  layout 'forums'

--- a/app/controllers/servers_controller.rb
+++ b/app/controllers/servers_controller.rb
@ -1,5 +1,5 @@
 class ServersController < ApplicationController
-  before_filter :get_server, except: [:index, :refresh, :new, :create]
+  before_action :get_server, except: [:index, :refresh, :new, :create]

  def index
    @servers = Server.hlds.active.ordered.all :include => :user
--- a/app/controllers/teams_controller.rb
+++ b/app/controllers/teams_controller.rb
@ -1,5 +1,5 @@
 class TeamsController < ApplicationController
-  before_filter :get_team, only: [:show, :edit, :update, :destroy, :recover]
+  before_action :get_team, only: [:show, :edit, :update, :destroy, :recover]

  def index
    @teams = Team.search(params[:search]).paginate(per_page: 80, page: params[:page]).ordered
--- a/app/controllers/topics_controller.rb
+++ b/app/controllers/topics_controller.rb
@ -1,5 +1,5 @@
 class TopicsController < ApplicationController
-  before_filter :get_topic, only: [:show, :reply, :edit, :update, :destroy]
+  before_action :get_topic, only: [:show, :reply, :edit, :update, :destroy]
  layout 'forums'

  def index
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -1,5 +1,5 @@
 class UsersController < ApplicationController
-  before_filter :get_user, only: [:show, :history, :popup, :agenda, :edit, :update, :destroy]
+  before_action :get_user, only: [:show, :history, :popup, :agenda, :edit, :update, :destroy]
  respond_to :html, :js

  def index
--- a/app/controllers/versions_controller.rb
+++ b/app/controllers/versions_controller.rb
@ -1,5 +1,5 @@
 class VersionsController < ApplicationController
-  before_filter :get_article
+  before_action :get_article

  def index
    @versions = @article.versions
--- a/app/controllers/weeks_controller.rb
+++ b/app/controllers/weeks_controller.rb
@ -1,5 +1,5 @@
 class WeeksController < ApplicationController
-  before_filter :get_week, except: [:new, :create]
+  before_action :get_week, except: [:new, :create]

  def new
    @week = Week.new
--- a/app/models/article.rb
+++ b/app/models/article.rb
@ -34,8 +34,6 @@ class Article < ActiveRecord::Base
  G_RULES = 464
  COMPMOD = 998

-  attr_protected :id, :updated_at, :created_at, :user_id, :version
-
  scope :recent, -> { order('created_at DESC').limit(8) }
  scope :with_comments, -> {
    select("articles.*, COUNT(C.id) AS comment_num").
--- a/app/models/ban.rb
+++ b/app/models/ban.rb
@ -26,7 +26,7 @@ class Ban < ActiveRecord::Base
  TYPE_GATHER = 5
  VENT_BANS = "tmp/bans.txt"

-  attr_protected :id, :created_at, :updated_at
+  #attr_protected :id, :created_at, :updated_at
  attr_accessor :len, :user_name

  scope :ordered,  -> {order("created_at DESC")}
--- a/app/models/bracket.rb
+++ b/app/models/bracket.rb
@ -13,7 +13,7 @@
 class Bracket < ActiveRecord::Base
  include Extra

-  attr_protected :id, :created_at, :updated_at
+  #attr_protected :id, :created_at, :updated_at

  belongs_to :contest
  has_many :bracketers
--- a/app/models/bracketer.rb
+++ b/app/models/bracketer.rb
@ -16,7 +16,7 @@ class Bracketer < ActiveRecord::Base
  include Exceptions
  include Extra

-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at

  belongs_to :contest
  belongs_to :match
--- a/app/models/category.rb
+++ b/app/models/category.rb
@ -28,7 +28,7 @@ class Category < ActiveRecord::Base

  PER_PAGE = 3

-  attr_protected :id, :updated_at, :created_at, :sort
+  #attr_protected :id, :updated_at, :created_at, :sort

  validates_length_of :name, :in => 1..30
  validate :validate_domain
--- a/app/models/challenge.rb
+++ b/app/models/challenge.rb
@ -34,7 +34,7 @@ class Challenge < ActiveRecord::Base
  ACCEPT_BEFORE_VOLUNTARY = 300					# Time to accept before voluntary match time: 5 mins
  MATCH_LENGTH = 7200										# Usual match length (for servers): 2 hours

-  attr_protected :id, :updated_at, :created_at, :default_time, :user_id, :status
+  #attr_protected :id, :updated_at, :created_at, :default_time, :user_id, :status

  validates_presence_of :contester1, :contester2
  validates_presence_of :map2, :on => :update
--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@ -15,7 +15,7 @@
 class Comment < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at, :user_id
+  #attr_protected :id, :updated_at, :created_at, :user_id

  scope :with_userteam, -> { includes({:user => :team}) }
  scope :recent, -> (n) { order("id DESC").limit(n) }
--- a/app/models/contest.rb
+++ b/app/models/contest.rb
@ -33,7 +33,7 @@ class Contest < ActiveRecord::Base
  TYPE_LEAGUE = 1
  TYPE_BRACKET = 2

-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at

  scope :active, -> { where.not(status: STATUS_CLOSED) }
  scope :inactive, -> { where(status: STATUS_CLOSED) }
--- a/app/models/contester.rb
+++ b/app/models/contester.rb
@ -23,7 +23,7 @@ class Contester < ActiveRecord::Base
  TREND_UP = 1
  TREND_DOWN = 2

-  attr_protected :id, :updated_at, :created_at, :trend
+  #attr_protected :id, :updated_at, :created_at, :trend
  attr_accessor :user

  belongs_to :team
--- a/app/models/data_file.rb
+++ b/app/models/data_file.rb
@ -23,7 +23,7 @@ class DataFile < ActiveRecord::Base
  MEGABYTE = 1048576

  attr_accessor :related_id
-  attr_protected :id, :updated_at, :created_at, :path, :size, :md5
+  #attr_protected :id, :updated_at, :created_at, :path, :size, :md5

  scope :recent, -> { order("created_at DESC").limit(8) }
  scope :demos, -> { order("created_at DESC").where("directory_id IN (SELECT id FROM directories WHERE parent_id = ?)", Directory::DEMOS) }
--- a/app/models/directory.rb
+++ b/app/models/directory.rb
@ -22,7 +22,7 @@ class Directory < ActiveRecord::Base
  MOVIES = 30
  ARTICLES = 39

-  attr_protected :id, :updated_at, :created_at, :path
+  #attr_protected :id, :updated_at, :created_at, :path

  belongs_to :parent, :class_name => "Directory"
  has_many :subdirs, :class_name => "Directory", :foreign_key => :parent_id
--- a/app/models/forum.rb
+++ b/app/models/forum.rb
@ -17,7 +17,7 @@ class Forum < ActiveRecord::Base
  BANS = 8
  TRASH = 12

-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at

  scope :public_forums, -> { select("forums.*")
                     .joins("LEFT JOIN forumers ON forumers.forum_id = forums.id AND forumers.access = #{Forumer::ACCESS_READ}")
--- a/app/models/gatherer.rb
+++ b/app/models/gatherer.rb
@ -22,7 +22,7 @@ class Gatherer < ActiveRecord::Base

  include Extra

-  attr_protected :id
+  #attr_protected :id
  attr_accessor :confirm, :username
  cattr_accessor :skip_callbacks

--- a/app/models/group.rb
+++ b/app/models/group.rb
@ -24,7 +24,7 @@ class Group < ActiveRecord::Base
  GATHER_MODERATORS = 14
  CONTRIBUTORS = 16

-  attr_protected :id, :updated_at, :created_at, :founder_id
+  #attr_protected :id, :updated_at, :created_at, :founder_id
  validates_length_of :name, :maximum => 20

  has_and_belongs_to_many :users
--- a/app/models/grouper.rb
+++ b/app/models/grouper.rb
@ -11,7 +11,7 @@
 #

 class Grouper < ActiveRecord::Base
-  attr_protected :id, :created_at, :updated_at
+  #attr_protected :id, :created_at, :updated_at
  attr_accessor :username

  belongs_to :group
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@ -28,7 +28,7 @@ class Issue < ActiveRecord::Base
  CATEGORY_GATHER = 54

  attr_accessor :assigned_name
-  attr_protected :id, :created_at, :updated_at
+  #attr_protected :id, :created_at, :updated_at

  has_many :comments, :as => :commentable
  belongs_to :category
--- a/app/models/map.rb
+++ b/app/models/map.rb
@ -15,7 +15,7 @@
 class Map < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at, :deleted
+  #attr_protected :id, :updated_at, :created_at, :deleted

  has_and_belongs_to_many :contests

--- a/app/models/match.rb
+++ b/app/models/match.rb
@ -36,7 +36,7 @@ class Match < ActiveRecord::Base
  include Exceptions

  attr_accessor :lineup, :method, :motm_name, :friendly
-  attr_protected :id, :updated_at, :created_at, :diff, :points1, :points2
+  #attr_protected :id, :updated_at, :created_at, :diff, :points1, :points2

  has_many :matchers, :dependent => :destroy
  has_many :users, :through => :matchers
--- a/app/models/matcher.rb
+++ b/app/models/matcher.rb
@ -14,7 +14,7 @@
 class Matcher < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at

  belongs_to :match
  belongs_to :user
--- a/app/models/message.rb
+++ b/app/models/message.rb
@ -17,7 +17,7 @@
 class Message < ActiveRecord::Base
  include Extra

-  attr_protected :id, :created_at, :updated_at
+  #attr_protected :id, :created_at, :updated_at
  attr_accessor :sender_raw

  validates_length_of :title, :in => 1..100
--- a/app/models/movie.rb
+++ b/app/models/movie.rb
@ -29,7 +29,7 @@ class Movie < ActiveRecord::Base
  VLC = "/usr/bin/vlc"
  LOCAL = "78.46.36.107:29100"

-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at
  attr_accessor :user_name, :name, :stream_ip, :stream_port

  scope :recent, -> { limit(5) }
--- a/app/models/option.rb
+++ b/app/models/option.rb
@ -13,7 +13,7 @@
 class Option < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at, :votes
+  #attr_protected :id, :updated_at, :created_at, :votes

  validates_length_of :option, :in => 1..30

--- a/app/models/poll.rb
+++ b/app/models/poll.rb
@ -16,7 +16,7 @@ class Poll < ActiveRecord::Base

  default_scope -> { order("created_at DESC") }

-  attr_protected :id, :updated_at, :created_at, :votes, :user_id
+  #attr_protected :id, :updated_at, :created_at, :votes, :user_id

  validates_length_of :question, :in => 1..50
  #validates_datetime :end_date
--- a/app/models/post.rb
+++ b/app/models/post.rb
@ -14,7 +14,7 @@
 class Post < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at, :votes, :user_id
+  #attr_protected :id, :updated_at, :created_at, :votes, :user_id

  scope :basic, -> {includes([{:user => [:team, :profile]}, :topic])}

--- a/app/models/prediction.rb
+++ b/app/models/prediction.rb
@ -15,7 +15,7 @@
 class Prediction < ActiveRecord::Base
  include Extra

-  attr_protected :id, :created_at, :updated_at, :result
+  #attr_protected :id, :created_at, :updated_at, :result

  validates_presence_of :match, :user
  validates_inclusion_of :score1, :in => 0..99, :message => "Invalid score"
--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@ -59,7 +59,7 @@
 class Profile < ActiveRecord::Base
  include Extra

-  attr_protected :user_id, :id, :updated_at, :created_at
+  #attr_protected :user_id, :id, :updated_at, :created_at

  belongs_to :user

--- a/app/models/server.rb
+++ b/app/models/server.rb
@ -40,7 +40,7 @@ class Server < ActiveRecord::Base
  DOMAIN_NS2 = 2

  attr_accessor :pwd
-  attr_protected :id, :user_id, :updated_at, :created_at, :map, :players, :maxplayers, :ping, :version
+  #attr_protected :id, :user_id, :updated_at, :created_at, :map, :players, :maxplayers, :ping, :version

  validates_length_of [:name, :dns,], :in => 1..30
  validates_length_of [:password, :irc], :maximum => 30, :allow_blank => true
--- a/app/models/shoutmsg.rb
+++ b/app/models/shoutmsg.rb
@ -14,7 +14,7 @@
 class Shoutmsg < ActiveRecord::Base
  include Extra

-  attr_protected :id, :created_at, :updated_at, :user_id
+  #attr_protected :id, :created_at, :updated_at, :user_id

  validates_length_of :text, :in => 1..100
  validates_presence_of :user
--- a/app/models/team.rb
+++ b/app/models/team.rb
@ -24,7 +24,7 @@ class Team < ActiveRecord::Base
  STATUS_INACTIVE = 0
  STATUS_ACTIVE = 1

-  attr_protected :id, :active, :founder_id, :created_at, :updated_at
+  #attr_protected :id, :active, :founder_id, :created_at, :updated_at

  validates_presence_of :name, :tag
  validates_length_of :name, :tag, :in => 2..20
--- a/app/models/teamer.rb
+++ b/app/models/teamer.rb
@ -20,7 +20,7 @@ class Teamer < ActiveRecord::Base
  RANK_DEPUTEE = 1
  RANK_LEADER = 2

-  attr_protected :id, :created_at, :updated_at, :version
+  #attr_protected :id, :created_at, :updated_at, :version

  validates_length_of :comment, :in => 0..15, :allow_blank => true
  validates_uniqueness_of :user_id, :scope => [:team_id, :rank]
--- a/app/models/topic.rb
+++ b/app/models/topic.rb
@ -20,7 +20,7 @@ class Topic < ActiveRecord::Base
  RULES = 12

  include Extra
-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at
  attr_accessor :first_post

  belongs_to :user
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -28,7 +28,7 @@ class User < ActiveRecord::Base

  VERIFICATION_TIME = 604800

-  attr_protected :id, :created_at, :updated_at, :lastvisit, :lastip, :password, :version
+  #attr_protected :id, :created_at, :updated_at, :lastvisit, :lastip, :password, :version
  attr_accessor :raw_password

  #attribute :lastvisit, :string, default: DateTime.now
--- a/app/models/vote.rb
+++ b/app/models/vote.rb
@ -12,7 +12,7 @@
 class Vote < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at, :user_id
+  #attr_protected :id, :updated_at, :created_at, :user_id

  validates_uniqueness_of :user_id, :scope => :votable_id
  validates_presence_of :user_id, :votable_id, :votable_type
--- a/app/models/week.rb
+++ b/app/models/week.rb
@ -15,7 +15,7 @@
 class Week < ActiveRecord::Base
  include Extra

-  attr_protected :id, :updated_at, :created_at
+  #attr_protected :id, :updated_at, :created_at

  validates_presence_of :contest, :map1, :map2
  validates_length_of :name, :in => 1..30