我知道这是一个流行的错误,但我有类User<的ActiveRecord :: Base的 attr_protected:provider,:uid,:name,:我的用户模型中的电子邮件,但仍然出现此错误。
以下是详细信息:
ActiveModel::MassAssignmentSecurity::Error in UsersController#update
Can't mass-assign protected attributes: email
Rails.root: /Users/ewalker/Documents/alift
Application Trace | Framework Trace | Full Trace
app/controllers/users_controller.rb:19:in `update'
Request
Parameters:
{"utf8"=>"✓",
"_method"=>"put",
"authenticity_token"=>"F+5itYNqPddn4usVgIJwzG+PSz50Up7mqZs50x3f9Ho=",
"user"=>{"email"=>"erin@walkersmidas.com"},
"commit"=>"Sign in",
"id"=>"1"}
我的用户控制器:
class UsersController < ApplicationController
def show
@user = User.find(params[:id])
end
def index
@users = User.all
end
def edit
@user = User.find(params[:id])
end
def update
@user = User.find(params[:id])
if @user.update_attributes(params[:user])
redirect_to @user
else
render :edit
end
end
end
用户模型:
class User < ActiveRecord::Base
attr_protected :provider, :uid, :name, :email
has_many :posts, dependent: :destroy
def self.from_omniauth(auth)
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
user.provider = auth.provider
user.uid = auth.uid
user.name = auth.info.name
user.oauth_token = auth.credentials.token
user.oauth_expires_at = Time.at(auth.credentials.expires_at)
user.save!
end
end
end
和编辑表单:
<%= form_for(@user) do |f| %>
<%= f.label :email %>
<%= f.text_field :email %>
<br />
<%= f.submit "Sign " %>
<% end %>
由于
答案 0 :(得分:4)
attr_protected
可以防止质量分配,因此可以预料到错误。 attr_accessible :email
可能是您想要的,它允许在批量分配中设置属性。