Rails 5不允許的參數:組織
[英]Rails 5 Unpermitted parameter: organization
問題描述
我為用戶提交注冊表單時出現錯誤Unpermitted parameter: organization 。 我使用的是“從頭開始授權”變體,而不是設計。 這是我的代碼:
user.rb
class User < ApplicationRecord
belongs_to :organization
has_secure_password
end
Organization.rb
class Organization < ApplicationRecord
has_many :users
has_many :tasks
accepts_nested_attributes_for :users
end
users_controller.rb
class UsersController < ApplicationController
def new
@user = User.new
@organization = Organization.new
end
def create
@user = User.new(user_params)
@user.build_organization(user_params[:organization_attributes])
if @user.save
session[:user_id] = @user.id
redirect_to root_url, notice: "Thank you for signing up!"
else
render "new"
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = User.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
params.require(:user).permit(:email, :password, :password_confirmation, :admin,
organization_attributes: :name)
end
end
new.html.erb
<h1>Sign Up</h1>
<%= form_for @user do |f| %>
<% if @user.errors.any? %>
<div class="error_messages">
<h2>Form is invalid</h2>
<ul>
<% @user.errors.full_messages.each do |message| %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :email %><br />
<%= f.text_field :email %>
</div>
<div class="field">
<%= f.fields_for :organization do |org| %>
<%= 'Organization or Company Name' %><br />
<%= org.text_field :name %>
<% end %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password %>
</div>
<div class="field">
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %>
</div>
<div class="field">
<%= f.label :admin %><br />
<%= f.check_box :admin %>
</div>
<div class="actions"><%= f.submit "Sign Up" %></div>
<% end %>
這是提交后對控制台的一瞥...
Processing by UsersController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"lhzxsTF43PiGKwMXly/fufGoVNEMUgqymwtMkhCkNtmolArIqbUjuo/qxYUVpFxIfaB4qVV2sumDqa5O2ggLbA==", "user"=>{"email"=>"myuser@user.com", "organization"=>{"name"=>"myOrg"}, "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "admin"=>"0"}, "commit"=>"Sign Up"}
Unpermitted parameter: organization
Unpermitted parameter: organization
(0.1ms) begin transaction
SQL (0.3ms) INSERT INTO "organizations" ("created_at", "updated_at") VALUES (?, ?) [["created_at", 2016-07-25 15:39:56 UTC], ["updated_at", 2016-07-25 15:39:56 UTC]]
SQL (0.1ms) INSERT INTO "users" ("email", "password_digest", "organization_id", "created_at", "updated_at") VALUES (?, ?, ?, ?, ?) [["email", "myuser@user.com"], ["password_digest", "$2a$10$MEEXO6bU9FGwMv3WOvdYheL.1iGhx4eeDVo67qp.OPmh1BJHs0z0G"], ["organization_id", 10], ["created_at", 2016-07-25 15:39:56 UTC], ["updated_at", 2016-07-25 15:39:56 UTC]]
(0.7ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 64ms (ActiveRecord: 1.1ms)
我認為問題的根源是organization"=>{"name"=>"myOrg"}提交參數后,應該改為organization_attributes嗎?
1 個解決方案
解決方案1
1 已采納 2016-07-25 16:23:50
您的猜測是正確的,但還有其他幾個問題。
- 更改strong_params選項
organization_attributes你所說的。 - 您具有向后的
accepts_nested_attributes。 因為您正在使用user_params創建用戶,所以您的用戶模型需要accepts_nested_attributes :organization,而組織則不需要它(除非您在其他地方使用它)。 - 調整模型后,您將不再需要通過
@user.build_organization(user_params[:organization_attributes])顯式構建組織。 可以刪除該行。
最后,我只想指出,您可能不希望允許傳遞admin標志,因為這可能會帶來安全風險。 顯然不知道您的應用,只是想提一下。
Rails:Rails 5 中不允許的參數
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.