docs(database-patterns): add critical note on mass assignment protection for new columns

2025-10-09 15:36:40 +02:00 · 2025-10-09 15:36:40 +02:00 · 231ad85e15
commit 231ad85e15
parent 704ddf2968
2 changed files with 24 additions and 0 deletions
--- a/.cursor/rules/database-patterns.mdc
+++ b/.cursor/rules/database-patterns.mdc
@ -142,6 +142,29 @@ Schema::create('applications', function (Blueprint $table) {
 - **Soft deletes** for audit trails
 - **Activity logging** with Spatie package

+### **CRITICAL: Mass Assignment Protection**
+**When adding new database columns, you MUST update the model's `$fillable` array.** Without this, Laravel will silently ignore mass assignment operations like `Model::create()` or `$model->update()`.
+
+**Checklist for new columns:**
+1. ✅ Create migration file
+2. ✅ Run migration
+3. ✅ **Add column to model's `$fillable` array**
+4. ✅ Update any Livewire components that sync this property
+5. ✅ Test that the column can be read and written
+
+**Example:**
+```php
+class Server extends BaseModel
+{
+    protected $fillable = [
+        'name',
+        'ip',
+        'port',
+        'is_validating', // ← MUST add new columns here
+    ];
+}
+```
+
 ### Relationship Patterns
 ```php
 // Typical relationship structure in Application model
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -160,6 +160,7 @@ ### Database Patterns
 - Use database transactions for critical operations
 - Leverage query scopes for reusable queries
 - Apply indexes for performance-critical queries
+- **CRITICAL**: When adding new database columns, ALWAYS update the model's `$fillable` array to allow mass assignment

 ### Security Best Practices
 - **Authentication**: Multi-provider auth via Laravel Fortify & Sanctum