[英]Error of mass assignement on my rspec test (Rails.32, active_admin, rspec)
I'm building a daily deal app to learn RoR. 我正在构建一个日常交易应用程序来学习RoR。
My question is about attr_accessible
and how to test a model where attributes are protected against mass-assignment. 我的问题是关于
attr_accessible
以及如何在保护属性免遭大量分配的情况下测试模型。
I have 3 Models in my app: 我的应用程序中有3个模型:
Basically Deals belongs_to Admin_users and I want only admin users sot be able to publish Deals. 基本上,Deals属于Admin_users,我只希望管理员用户能够发布Deal。
The problem I have is that if I am not wrong, I needed to put all attributes attr_accessible
so that I can create a form and save a Deal and then, to protect attributes (especially admin_user_id) I added with_role
as: :admin
to protect them and make only accessible to an admin (I used this as inspiration: http://ejholmes.github.io/2012/04/22/handling-mass-assignment-with-active-admin.html ) 我的问题是,如果我没有记错,我需要将所有属性
attr_accessible
放在attr_accessible
以便我可以创建表单并保存交易,然后为了保护属性(尤其是admin_user_id),我添加了with_role
as: :admin
以保护它们并且仅允许管理员访问(我以此为灵感: http : //ejholmes.github.io/2012/04/22/handling-mass-assignment-with-active-admin.html )
My problem is that RSpec tests that were working before putting as: :admin
, are now failing and the error message I get is: 我的问题是放置
as: :admin
之前运行的RSpec测试现在失败了,我得到的错误消息是:
ActiveModel::MassAssignmentSecurity::Error:
Can't mass-assign protected attributes: url_path, country, title, description, twitter_msg, image_url, prelaunch_date, deal_launch_date, deal_end_date, featured, admin_user_id
I think RSpec does not get I am an admin so I have the right to mass assign theses attributes. 我认为RSpec无法让我成为管理员,所以我有权批量分配这些属性。
How can I solve this? 我该如何解决?
Here are my files for reference: 这是我的文件供参考:
deal_spec.rb deal_spec.rb
class Deal < ActiveRecord::Base
belongs_to :admin_user, :foreign_key => 'admin_user_id'
attr_accessible :url_path,
:country,
:title,
:description,
:twitter_msg,
:image_url,
:prelaunch_date,
:deal_launch_date,
:deal_end_date,
:featured,
:admin_user_id,
:as => :admin_user
validates :title,
presence: true,
length: { maximum: 200 }
My active admin set up: on initializers/active_admin.rb 我的活动管理员设置:在initializers / active_admin.rb上
ActiveAdmin.setup do |config|
config.site_title = "My App"
config.logout_link_path = :destroy_admin_user_session_path
config.batch_actions = true
# got it on http://ejholmes.github.io/2012/04/22/handling-mass-assignment-with-active-admin.html
module ActiveAdmin
class BaseController
with_role :admin_user
end
end
end
The factory for admin_users: admin_users的工厂:
FactoryGirl.define do
factory :admin_user do
sequence(:email) { |n| "person_#{n}@example.com"}
password "admin_pass"
password_confirmation "admin_pass"
end
end
And the TEST that is actually failing: it's an example on the title lenght test: 测试实际上是失败的:这是标题长度测试的一个示例:
require 'spec_helper'
require 'date'
describe Deal do
let(:admin_user) { FactoryGirl.create(:admin_user) }
before(:each) do
@attr = {
url_path: "lorem ipsum",
country: "France",
title: "lorem ipsum",
description: "lorem ipsum lorem ipsum lorem ipsum lorem ipsum lorem ipsum lorem ipsum",
twitter_msg: "http://www.example.com",
image_url: "http://www.example2.com",
prelaunch_date: 2.days.from_now.change(hour: 10),
deal_launch_date: 3.days.from_now.change(hour: 10),
deal_end_date: 15.days.from_now.change(hour: 10),
featured: true,
admin_user_id: 1
}
describe "tests TITLES" do
it { should validate_presence_of(:title) }
it "should reject title that is too long" do
long = "a" * 211
hash = @attr.merge(:title => long)
Deal.new(hash).should have(1).error_on(:title)
end
end
I feel I haven't told my deal_rspec.rb test file that :admin_user is really an admin! 我觉得还没有告诉我的deal_rspec.rb测试文件:: admin_user确实是管理员! I don't know how to do it and even if I am protecting well my Deal model attributes against mass assignment.
我不知道该怎么做,即使我很好地保护了我的Deal模型属性免于大规模分配。 Does anybody know how I can make these tests pass again?
有人知道我怎样才能使这些测试再次通过吗?
The problem here is that the :as => :admin flag is not referring to an active_record model, it's just an a arbitrary symbol your defining. 这里的问题是:as =>:admin标志没有引用active_record模型,它只是您定义的任意符号。 Using it means you need to pass as: :admin in the create call like this
使用它意味着您需要像这样在create调用中以:admin传递
Deal.create(params[:deal], as: :admin)
So your actual problem is probably with your factory, since it doesn't know to pass the flag when it makes your object. 因此,您的实际问题可能出在工厂,因为在制造对象时它不知道传递标志。 Try something like this
试试这个
factory :deal do
my_attr "abc"
initialize_with do
create(attributes, as: :admin)
end
end
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.