我知道您应该使用“attr_accessible”来允许大规模分配保护,这实际上就是我在用户模型中所做的事情。为什么还要抱怨?
Can't mass-assign protected attributes: email, password
用户控制器:
class UsersController < ApplicationController
def index
@users = User.new
end
def show
@user = User.find(2)
end
def login
@user = Project.new(params[:user])
...
end
end
用户模型:
class User < ActiveRecord::Base
has_and_belongs_to_many :projects
belongs_to :project
belongs_to :ticket
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password
end
视图,_navigation.html.erb:
<%= form_for("user", :url => login_users_path, :html => { :method => :post }) do |f| %>
<%= f.label :email%>
<%= f.text_field(:email, :size => 30, :class => 'login_field', :placeholder => 'Användarnamn')%>
<%= f.label :password%>
<%= f.text_field(:password, :size => 30, :class => 'login_field', :placeholder => 'Lösenord')%>
<%= f.submit "Logga in", :class => 'login_submit btn btn-primary' %>
<% end %>
:
resources :users do
post :login, on: :collection, as: :login
end
因为我正在使用上面的集合,所以应该(据我所知)是我正在使用的正确控件/模型(用户)?
答案 0 :(得分:3)
我认为它应该是User而不是Project
def login
@user = User.new(params[:user])
...
end
答案 1 :(得分:2)
您还应将索引操作更改为:
def index
@users = Users.all
end
并展示行动:
def show
@user = User.find(params[:id])
end