Question

我正在安装Engage!

我按照此处的安装说明进行操作：http://engagecsm.com/readme

我做的安装步骤：

添加Engage！应用程序的Gemfile：gem'intembesm'。
安装它：bundle install。
运行生成器：rails generate engage user。
运行迁移：rake db：migrate。

现在，我可以去localhost：3000 /搞

Picture of the results of doing "rake routes". It displays "engage /engage Engage::Engine

这就是显示的内容：

This is a picture of the Engage! forum, where I have entered data to be used in created a new topic. THere is a "Create Topic" submit button in the bottom right that I click to get the error in the rails server console.

现在，当我点击“创建主题”时，网站上没有任何反应。我看看我的rails服务器控制台，我看到了:(更容易在这里查看http://i.stack.imgur.com/xKBER.png，在底部找到完整的堆栈跟踪）

$Started POST "/engage/topics" for 127.0.0.1 at 2013-01-19 19:48:26 -0700 Processing by Engage::TopicsController#create as JS Parameters: {"utf8"=>"✓", "authenticity_token"=>"aRKQAwMsnc1DJJ62S6bb7EkhFkzuCDtNL0kV756LIP4=", "topic"=>{"style"=>"question", "title"=>"ww", "message"=>"www", "follow"=>"1"}, "commit"=>"Create Topic"} User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1 Engage::UserProfile Load (0.4ms) SELECT "engage_user_profiles".* FROM "engage_user_profiles" WHERE "engage_user_profiles"."user_id" = 1 LIMIT 1 (0.1ms) begin transaction Engage::UserProfile Load (0.3ms) SELECT "engage_user_profiles".* FROM "engage_user_profiles" INNER JOIN "users" ON "engage_user_profiles"."user_id" = "users"."id" WHERE "users"."id" = 1 LIMIT 1 SQL (1.2ms) INSERT INTO "engage_topics" ("comments_count", "created_at", "followers_count", "message", "private", "status", "string", "style", "title", "updated_at", "user_id", "votes_count") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) [["comments_count", 0], ["created_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["followers_count", 0], ["message", "www"], ["private", false], ["status", "pending"], ["string", nil], ["style", "question"], ["title", "ww"], ["updated_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["user_id", 1], ["votes_count", 0]] Engage::Following Load (0.3ms) SELECT "engage_followings".* FROM "engage_followings" WHERE "engage_followings"."topic_id" = 7 AND "engage_followings"."user_id" = 1 LIMIT 1 User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1 Binary data inserted for <code>string</code> type on column <code>token</code> SQL (0.9ms) INSERT INTO "engage_followings" ("created_at", "token", "topic_id", "updated_at", "user_id") VALUES (?, ?, ?, ?, ?) [["created_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["token", "5813db34aaedfa6226cf77b7a17d5dfbcf8d4560"], ["topic_id", 7], ["updated_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["user_id", 1]] Engage::Topic Load (0.2ms) SELECT "engage_topics".* FROM "engage_topics" WHERE "engage_topics"."id" = 7 ORDER BY created_at DESC LIMIT 1 SQL (0.8ms) UPDATE "engage_topics" SET "followers_count" = COALESCE("followers_count", 0) + 1 WHERE "engage_topics"."id" IN (SELECT "engage_topics"."id" FROM "engage_topics" WHERE "engage_topics"."id" = 7 ORDER BY created_at DESC) (3.8ms) commit transaction (0.1ms) begin transaction (0.1ms) rollback transaction Completed 500 Internal Server Error in 71msActiveModel::MassAssignmentSecurity::Error (Can't mass-assign protected attributes: user): activemodel (3.2.11) lib/active_model/mass_assignment_security/sanitizer.rb:48:in <code>process_removed_attributes' activemodel (3.2.11) lib/active_model/mass_assignment_security/sanitizer.rb:20:in</code>debug_protected_attribute_removal' activemodel (3.2.11) lib/active_model/mass_assignment_security/sanitizer.rb:12:in `sanitize'$

所以我开始谷歌搜索，我看到这样的事情：

我已将attr_accessible：user添加到我的用户模型中，但这不起作用。

这是我的用户模型：

$class User < ActiveRecord::Base include Engage::Extensions::User has_many :resources has_many :resource_views, :class_name => 'UserResourceView' has_many :viewed_resources, :through => :resource_views, :source => :resource has_many :evaluations, class_name: "RSEvaluation", as: :source has_reputation :votes, source: {reputation: :votes, of: :resources}, aggregated_by: :sum has_reputation :karma, :source => { :reputation => :votes, :of => :resources } def voted_for?(resource) evaluations.where(target_type: resource.class, target_id: resource.id).present? end def recently_viewed_resources viewed_resources.order('user_resource_views.created_at DESC') end # Include default devise modules. Others available are: # :token_authenticatable, :confirmable, # :lockable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable # Setup accessible (or protected) attributes for your model attr_accessible :user_id, :email, :password, :password_confirmation, :remember_me # attr_accessible :title, :body end$

另外，我看不到我如何访问Engage模型等，请看这里是我的目录：

List of my directory: Controllers, Helpers, Models and Views. None of which is Engage specific. I couldn't find where Engage's controllers and such was. It is in the gem.

有谁知道如何解决这个问题？如果您需要任何其他信息，请告诉我，我将提供截图。

非常感谢任何帮助。谢谢！

编辑＃1 - 添加应用程序控制器图片和完整堆栈跟踪

这是我唯一能看到Engage的地方！在控制器中（我目前没有用户控制器）

application_controller.rb file. class ApplicationController < ActionController::Base include Engage::Extensions::Helpers protect_from_forgery end

这是完整的堆栈跟踪：

$Started POST "/engage/topics" for 127.0.0.1 at 2013-01-19 19:48:26 -0700 Processing by Engage::TopicsController#create as JS Parameters: {"utf8"=>"✓", "authenticity_token"=>"aRKQAwMsnc1DJJ62S6bb7EkhFkzuCDtNL0kV756LIP4=", "topic"=>{"style"=>"question", "title"=>"ww", "message"=>"www", "follow"=>"1"}, "commit"=>"Create Topic"} User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1 Engage::UserProfile Load (0.4ms) SELECT "engage_user_profiles".* FROM "engage_user_profiles" WHERE "engage_user_profiles"."user_id" = 1 LIMIT 1 (0.1ms) begin transaction Engage::UserProfile Load (0.3ms) SELECT "engage_user_profiles".* FROM "engage_user_profiles" INNER JOIN "users" ON "engage_user_profiles"."user_id" = "users"."id" WHERE "users"."id" = 1 LIMIT 1 SQL (1.2ms) INSERT INTO "engage_topics" ("comments_count", "created_at", "followers_count", "message", "private", "status", "string", "style", "title", "updated_at", "user_id", "votes_count") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) [["comments_count", 0], ["created_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["followers_count", 0], ["message", "www"], ["private", false], ["status", "pending"], ["string", nil], ["style", "question"], ["title", "ww"], ["updated_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["user_id", 1], ["votes_count", 0]] Engage::Following Load (0.3ms) SELECT "engage_followings".* FROM "engage_followings" WHERE "engage_followings"."topic_id" = 7 AND "engage_followings"."user_id" = 1 LIMIT 1 User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1 Binary data inserted for <code>string</code> type on column <code>token</code> SQL (0.9ms) INSERT INTO "engage_followings" ("created_at", "token", "topic_id", "updated_at", "user_id") VALUES (?, ?, ?, ?, ?) [["created_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["token", "5813db34aaedfa6226cf77b7a17d5dfbcf8d4560"], ["topic_id", 7], ["updated_at", Sun, 20 Jan 2013 02:48:26 UTC +00:00], ["user_id", 1]] Engage::Topic Load (0.2ms) SELECT "engage_topics".* FROM "engage_topics" WHERE "engage_topics"."id" = 7 ORDER BY created_at DESC LIMIT 1 SQL (0.8ms) UPDATE "engage_topics" SET "followers_count" = COALESCE("followers_count", 0) + 1 WHERE "engage_topics"."id" IN (SELECT "engage_topics"."id" FROM "engage_topics" WHERE "engage_topics"."id" = 7 ORDER BY created_at DESC) (3.8ms) commit transaction (0.1ms) begin transaction (0.1ms) rollback transaction Completed 500 Internal Server Error in 71ms$

编辑＃2 - 添加参与环境：

此外，我们安装了Devise（和我相信的OmniAuth ......）。因此，我们有“current_user”，但我不知道我们是否有“用户名”或“电子邮件”方法，除非这是标准的Devise或其他东西 $This is the engage.rb file. Engage.configure do |config| config.layout = 'application' config.user_model = 'User' config.mailer_sender = 'engage@knowledgethief.com' config.internal_authentication = false config.current_user_method = Proc.new { current_user } config.login_link = { :path => :new_user_session_path, :opts => { :remote => true } } config.username_method = Proc.new { username } config.email_method = Proc.new { email } end$

编辑＃3 - 正如Geoff建议的那样，我查看了topics_controller的第46行。该行如下：

@ topic.votes.create（：user =＆gt; engage_current_user）

Answer 1

根据所提供的信息，我担心我不知道发生了什么，但我可以帮助解释一下你所得到的错误。

跟踪中的最后一个非库行是：

engagecsm（1.0.8）app / controllers / engage / topics_controller.rb：46：in“create”

此代码可能位于您的默认gem路径中。如果你在* nix上，可能是/usr/lib/ruby/gems或/home/user_name/.gem/ruby。

在处理该行代码时，它会遇到质量分配安全性错误。

它可能会帮助您查看该行代码以查看它所遇到的模型。请勿在此处发布该行代码。 Engage的许可证！似乎不是标准的开源软件之一，如果您在此处发布，则可能违反了许可证。我可能错了，但比抱歉更安全。

有两个变量可以通过质量分配安全性来提升你。它们是属性和角色。将attr_accessible :user添加到适当的模型只有在使用默认角色时才有帮助。如果他们使用:admin角色，则您需要添加attr_accessible :user, as: :admin。我不认为您的User模型的属性为:user，因此可能需要将其添加到其他位置。

如果我不得不猜测你做错了什么，我想你可能已经遵循了安全指南：

http://guides.rubyonrails.org/security.html

在该指南中，他们建议您默认将配置设置为白名单。

config.active_record.whitelist_attributes = true

如果你这样做并且参与！不是用MassAssignment支持写的，这可以解释你所看到的错误。

对不起，我无法确切地解释你的问题，但我希望它有所帮助。

Answer 2

查看您的 stack trace 问题在topices_controller中 - 因此可能意味着您需要将:user_id添加到attr_accessible模型中的Engage/Topic。

Answer 3

它是Engage的一员！开发者在这里我可以看到Engage有两个问题！如上所述。

我们已找到第一个解决方案（您使用attr_accessible :user解决了该解决方案），因此很快就会有一个Rubygems更新。

第二个（主题实际上未显示在索引页面上的事实）与cancan gem中的更改相关联。我们仍然需要找出解决此问题的最佳方法，但快速解决方法是将Cancan版本锁定在Gemfile中，如下所示：gem 'cancan', '1.6.7'。

我们会在Rubygems上提供解决这些问题的更新时通知您。

干杯！

Answer 4

我需要将以下行添加到Engage / Vote Model

attr_accessible :user

现在它会说＆＃34;主题已成功创建。＆＃34;

但是，我无法看到列出的主题。但是，我相信我已经解决了这部分问题。我去

时能看到这个话题

http://localhost:3000/engage/topics/1

Rails参与！错误（无法批量分配受保护的属性：用户）

4 个答案: