[英]Rails 4 Strong parameters with JSON array
I am trying to post an array of JSON objects, but i always get a 422 Unprocessable Entity response. 我正在尝试发布JSON对象数组,但是我始终会收到422无法处理的实体响应。
This is my controller action: 这是我的控制器动作:
def create
@myusers = params[:user]
@myusers.each do
User.create(user_params)
end
def user_params
params.permit(:name,:address )
end
Where,together with the below shown http call, the @myuser
array looks like this 与下面显示的http调用一起,
@myuser
数组看起来像这样
@myuser =[{"name"=>"name11", "address"=>"addr1"}, {"name"=>"name22", "address"=>"addr2"}, {"name"=>"name33", "address"=>"addr132"}, {"name"=>"name4", "address"=>"addr4"}]
This is the HTTP JSON body 这是HTTP JSON正文
{"user":[{
"name" : "name11",
"address":"addr1"
},
{
"name" : "name22",
"address":"addr2"
},
{
"name" : "name33",
"address":"addr132"
},
{
"name" : "name4",
"address":"addr4"
}
]}
and i added the Accept/Content-Type : application/json
header. 我添加了
Accept/Content-Type : application/json
标头。 The log file shows this 日志文件显示了这个
Started POST "/api/customer/" for 127.0.0.1 at 2015-11-02 18:45:09 +0100
Processing by Api::UserController#create as JSON
Parameters: {"user"=>[{"name"=>"name11", "address"=>"addr1"}, {"name"=>"name22", "address"=>"addr2"}, {"name"=>"name33", "address"=>"addr132"}, {"name"=>"name4", "address"=>"addr4"}]}
Unpermitted parameters: customer, format
(0.4ms) BEGIN
(0.3ms) ROLLBACK
Unpermitted parameters: customer, format
(0.3ms) BEGIN
(0.3ms) ROLLBACK
Unpermitted parameters: customer, format
(0.2ms) BEGIN
(0.6ms) ROLLBACK
Unpermitted parameters: customer, format
(0.3ms) BEGIN
(0.4ms) ROLLBACK
Unpermitted parameters: customer, format
(0.3ms) BEGIN
(0.4ms) ROLLBACK
Completed 422 Unprocessable Entity in 62ms (Views: 0.6ms | ActiveRecord: 7.0ms)
Each of the single objects is an ApplicationControllerParameter
so it should be possible to call directly the user_params
action for each entry? 每个单个对象都是一个
ApplicationControllerParameter
因此应该可以直接为每个条目调用user_params
操作吗? Or am i wrong there? 还是我错了?
thanks in advance for your help. 在此先感谢您的帮助。
Solution: 解:
I think there s some possibility that this code can be done a bit more nice but this is now working for me: 我认为有可能将这段代码做的更好一些,但是现在对我有用:
def user_params
params.permit(user: [:name,:address])
end
def create
user_params[:user].each do |u|
User.create(u)
end
end
Your issue as far as the question about parameters is concerned is that you're using the whole params hash and not narrowing it down to the 'user' bit that you're interested in permitting. 就有关参数的问题而言,您的问题是您正在使用整个params哈希,而不是将其范围缩小到您希望允许的“用户”位。 So you're getting all the other stuff that's passed eg format.
因此,您将获得所有其他已通过的内容,例如格式。 (Incidentally, shouldn't it more correctly be called 'users' rather than the singular 'user'? Anyway... Never mind that :)
(顺便说一句,难道不应该更正确地称其为“用户”而不是单数的“用户”吗?无论如何……不要介意:)
I think it should be something like 我认为应该是这样
params.permit(user: [:name, :address])
or 要么
params.require(:user).permit?([:name, :address])
There's a bit about nested parameters in the docs of the strong_parameters gem here: 在strong_parameters gem的文档中,有一些关于嵌套参数的信息:
https://github.com/rails/strong_parameters#nested-parameters https://github.com/rails/strong_parameters#nested-parameters
Hope that helps... 希望有帮助...
So, you have an array of hashes coming through params, which needed to be permitted, and then you do a simple loop over your array to save each to your database. 因此,您需要通过参数散列数组,这需要被允许,然后对数组进行简单循环以将每个散列保存到数据库中。
The first step is getting the params permission right. 第一步是获取params权限。
You can check the documentation here for more insight into permitting params. 您可以在此处查看文档,以更深入地了解允许参数。
Let's define the users_params private method as follow: 让我们如下定义users_params私有方法:
def users_params
params.permit(user: []) #declare that the parameter should be an array of permitted scalars by mapping it to an empty array
end
Then from the create
action: 然后从
create
动作开始:
def create
@myusers = users_params #this returns an array of the user hashes passed from params
# Now, loop through these hashes, and create new users with their values
@myusers.each do |user_hash|
User.create(user_hash)
end
end
Note that we are not repeatedly going to fetch the JSON hashes from the params. 请注意,我们不会重复从参数中获取JSON哈希值。 Since we already have it all in our
@myusers
variable, all that is needed to do is to loop through it, and save a new instance of User with the hash at the current index of our loop. 因为我们已经在
@myusers
变量中拥有了所有这些,所以要做的就是遍历它,并使用哈希将新的User实例保存在循环的当前索引中。
More examples on how to permit different types of params are available in the above documentation , you can check it out as well. 上面的文档中提供了更多有关如何允许不同类型的参数的示例,您也可以将其检出。
Hope this was helpful 希望这会有所帮助
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.