search

kirkbushell / eloquence

A drop-in library for certain database functionality in Laravel, that allows for extra features that may never make it into the main project.
MIT License
537 stars 60 forks source link

Cannot mass assign to camel cased fields #80

Closed horuskol closed 3 years ago

horuskol commented 3 years ago

A recent security release for Laravel has put in an extra constraint that you can only mass assign to existing columns in the table, which has broken some of my models where I've used camelCasing, since the column check happens before the attribute is set (and written to the database).

It is possible to overload the Eloquent isGuardableColumn method so that it looks for the snake_cased field name instead. I propose adding the following to the CamelCasing behaviour:

    /**
     * Overloads the eloquent isGuardableColumn method to ensure that we are checking for the existence of
     * the snake_cased column name.
     *
     * @param  string  $key
     * @return bool
     */
    protected function isGuardableColumn($key)
    {
        return parent::isGuardableColumn($this->getSnakeKey($key));
    }

I'm happy to do a PR for this - I've already confirmed it doesn't break any existing tests.

kirkbushell commented 3 years ago

Thanks @horuskol. If you wouldn't mind - setup a PR and I'll take a look in a few hours :)