When ActiveRecord updates the database (on save()), the actual query to the database is generated and sent.
By default, the generated query will include all the columns, even if just one of them changes (set c1 = ?, c2 = ?, …).
The problem is, the database user might not have permission to alter certain columns (I didn't create the tables or the permissions!)
One way around it is to remove the attribute from the attribute list in beforeSave() and add it again in afterSave(), but that's a bit brutal method, isn't it ?
Could there be a way around this by specifying fields to disallow from update ?