轨道关联中的质量分配混淆

Question

对某些事情有些麻烦我确定是基本的，但也很难在SO上找到一个好的答案。

我有一个Users表和一个Authorization表，这是我的模型：

##Authorization.rb
class Authorization < ActiveRecord::Base
  attr_accessible :provider, :uid, :user_id
  belongs_to :user
  validates :provider, :uid, :presence => true


  def self.find(auth_hash)
    find_by_provider_and_uid(auth_hash["provider"],
                             auth_hash["uid"])
  end

  def self.create_with_hash(auth_hash)
    #if they've already registered, then just return that authorization

    unless auth = find_by_provider_and_uid(auth_hash["provider"],
                                           auth_hash["uid"])
      user = User.create(name: auth_hash["info"]["name"],
                         email: auth_hash["info"]["email"],
                         nickname: nil,
                         firstname: auth_hash["info"]["first_name"],
                         location: auth_hash["user_location"]
                         )

      auth = create(user: user,
                    provider: auth_hash["provider"],
                    uid: auth_hash["uid"])
    end

    auth
  end

end

我的用户模型：

##User.rb
require 'bcrypt'

class User < ActiveRecord::Base
  include BCrypt

  #accessible and settable properties
  attr_accessible  :name, :email, :nickname, :firstname, :location

  #relations
  has_many :authorizations, dependent: :destroy

  #validations
  validates :name, :email, :firstname,  :presence => true
  validates :email, :uniqueness => true
  validates :nickname, :uniqueness => true

  #always make sure their email and nickname are lowercased
  def before_validation(user)
    user.email.downcase!
    user.email = Password.create(email)
    user.nickname.downcase!
  end

  def after_save(user)
    user.email = Password.new(user.email)
  end

  def is_nickname_available?(nickname)
    Users.find_by_nickname(nickname.downcase).blank?
  end

  def add_nickname(user_id, nickname)
    #todo: error handling
    user = Users.find(user_id).update_attribute(nickname: nickname)
  end

  def add_provider(auth_hash)
    #Check if the provider already exists, so we don't add it twice
    unless
      authorizations.find_by_provider_and_uid(auth_hash["provider"],
                                              auth_hash["uid"])
      Authorization.create    user_id:self.id,
        provider: auth_hash["provider"],
        uid: auth_hash["uid"]
    end
  end

end

在控制器中，如果我尝试执行：Authorization.create_with_hash(auth_hash)，我会收到错误：

Can't mass-assign protected attributes: user

在Authorization.rb模型的第auth = create(user: user, provider: auth_hash["provider"], uid: auth_hash["uid"])行。

所以，我对此非常陌生，但我不清楚为什么这不起作用。有人可以解释我做错了吗？

由于 穆斯塔法

Answer 1

使用attr_accessible :provider, :uid, :user应该有效。或者改变

auth = create(user: user,
              provider: auth_hash["provider"],
              uid: auth_hash["uid"])

到

auth = create(user_id: user.id,
              provider: auth_hash["provider"],
              uid: auth_hash["uid"])