support atributes filtering aka be nice to anti-mass-assignment solutions

[pietia]

to avoid this kind of situations:

ActiveModel::MassAssignmentSecurity::Error (Can't mass-assign protected attributes: created_at, creator_id, events_count, id, updated_at):
  activemodel (3.2.2.rc1) lib/active_model/mass_assignment_security/sanitizer.rb:48:in `process_removed_attributes'
  activemodel (3.2.2.rc1) lib/active_model/mass_assignment_security/sanitizer.rb:20:in `debug_protected_attribute_removal'
  activemodel (3.2.2.rc1) lib/active_model/mass_assignment_security/sanitizer.rb:12:in `sanitize'

we should have ability to explicitly set 'secure attributes':

class Base extends Backbone.Model

  toJSON: ->
    if _.isEmpty(@jsonRoot)
      @_cloneAttributes()
    else
      json = {}
      json[@jsonRoot] = @_cloneAttributes()
      json

  _cloneAttributes: ->
    if _.isEmpty(@secureAttributes)
      _.clone(@attributes)
    else
      filteredAttributes = {}
      for sa in @secureAttributes
        filteredAttributes[sa] = @get(sa)
      _.clone(filteredAttributes)

class Booking.Models.Calendar extends Base
  jsonRoot: 'calendar'

  secureAttributes: ['name', 'city', 'district', 'address', 'specialty']

[polarblau]

Interesting idea! Might go a bit far, though. How would the secureAttributes be set?

[pietia]

just in model:

  class Booking.Models.Calendar extends Booking.Models.Base
    secureAttributes: ['name', 'city', 'district', 'address', 'specialty']