由于参数较强,嵌套形式参数无效

时间:2013-09-05 17:30:19

标签: ruby-on-rails-4

我有一个模型宣言,它有很多费用:

class Declaration < ActiveRecord::Base
  has_many :costs
  accepts_nested_attributes_for :costs
end

class Cost < ActiveRecord::Base
  belongs_to :declaration
end

我想要一个表单,其中我有10个成本行用于声明,所以在声明控制器中我有以下内容,带有许可参数用于强参数:

  def new
    @declaration = Declaration.new
    @costs = Array.new(10) { @declaration.costs.build }
  end

  def create
    @declaration = Declaration.new(declaration_params)
    if @declaration.save
      redirect_to user_declarations_path, notice: I18n.t('.declaration.message_create')
    else
      render action: "new"
    end
  end

  private

  def declaration_params
    params.require(:declaration).permit(:approval_date, :submit_date, :status, :user_id, :declaration_number,
      costs_attributes: [:id, :description, :amount_foreign, :rate, :amount, :cost_date, :projectuser_id])
  end

当然有形式,所以当我提交表格时,我会在日志中看到:

Started POST "/users/3/declarations" for 127.0.0.1 at 2013-09-05 19:12:38 +0200
Processing by DeclarationsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"mhaznOuBy/zj7LA/nIpDTy7X2u5UrR+0jleJsFid/JU=", "declaration"=>{"user_id"=>"3", "cost"=>{"cost_date(3i)"=>"", "cost_date(2i)"=>"", "cost_date(1i)"=>"", "projectuser_id"=>"", "description"=>"", "amount_foreign"=>"", "rate"=>"", "amount"=>""}}, "commit"=>"Opslaan", "user_id"=>"3"}
  User Load (0.7ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 3 ORDER BY "users"."id" ASC LIMIT 1
Unpermitted parameters: cost

那么为什么我会得到一个未经许可的参数cost ??

更新:声明表格在下面添加:

- if can? :create, Declaration
  = form_for [current_user, @declaration] do |f|
    = f.hidden_field :user_id, value: current_user.id

    .row
      .page-header
        .span7
          %h1.title
            %i{ class: "icon-coffee icon-large" }
            = I18n.t('.declaration.add_title')
        .span5
          .action
            - if can? :create, Declaration
              = link_to I18n.t('.general.cancel'), user_declarations_path(current_user), class: 'btn'
              = f.submit(class: 'btn', value: I18n.t('.general.save'))
    .row
      .span12
        = render "layouts/error_messages", target: @declaration

    .row
      .span12
        = render "form", f: f

呈现的形式:

.row
  .span12
    %table.table.table-striped#declarations
      %thead
        %tr
          %th= I18n.t('.cost.cost_date')
          %th= I18n.t('.cost.project')
          %th= I18n.t('.cost.description')
          %th= I18n.t('.cost.amount_foreign')
          %th= I18n.t('.cost.rate')
          %th= I18n.t('.cost.amount')
      %tbody
        - @costs.each do |cost|
          = f.fields_for cost, html: { class: "form-inline"} do |c|
            %tr
              %td{ "data-title" => "#{I18n.t('.cost.cost_date')}" }= c.date_select :cost_date, { include_blank: true, default: nil }
              %td{ "data-title" => "#{I18n.t('.cost.project')}" }= c.collection_select :projectuser_id, @projectusers, :id, :full_name, include_blank: true
              %td{ "data-title" => "#{I18n.t('.cost.description')}" }= c.text_field :description, class: "input-large"
              %td{ "data-title" => "#{I18n.t('.cost.amount_foreign')}" }= c.text_field :amount_foreign, class: "input-small", type: :number, step: "any"
              %td{ "data-title" => "#{I18n.t('.cost.rate')}" }= c.text_field :rate, class: "input-small", type: :number, step: "any"
              %td{ "data-title" => "#{I18n.t('.cost.amount')}" }= c.text_field :amount, class: "input-small", type: :number, step: "any"

有许可证!我收到此错误消息:

Started POST "/users/3/declarations" for 127.0.0.1 at 2013-09-09 09:29:44 +0200
Processing by DeclarationsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"jQwy7psQwixneWF8DezrR/Wo5VKU/dpfz+sosiatm9c=", "declaration"=>{"user_id"=>"3", "cost"=>{"cost_date(3i)"=>"", "cost_date(2i)"=>"", "cost_date(1i)"=>"", "projectuser_id"=>"", "description"=>"", "amount_foreign"=>"", "rate"=>"", "amount"=>""}}, "commit"=>"Opslaan", "user_id"=>"3"}
  User Load (0.6ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 3 ORDER BY "users"."id" ASC LIMIT 1
Completed 500 Internal Server Error in 6ms

ArgumentError - wrong number of arguments (6 for 0):
  app/controllers/declarations_controller.rb:70:in `declaration_params'
  app/controllers/declarations_controller.rb:21:in `create'

2 个答案:

答案 0 :(得分:1)

第一印象是你要返回三个cost_date参数。我认为这需要作为数组返回。你的参数就是:

 def declaration_params
 params.require(:declaration).permit(:approval_date, :submit_date, :status, :user_id, :declaration_number,
  costs_attributes: [:id, :description, :amount_foreign, :rate, :amount, :projectuser_id, :cost_date =>[]])
end

然后代替你的网络服务器回来:

... "cost"=>{"cost_date(3i)"=>"", "cost_date(2i)"=>"", "cost_date(1i)"=>"",... 

它应该得到:

"cost"=>{"cost_date"=>["","",""],...

虽然没有看到表格,但我不知道这是否是你想要达到的目的。

答案 1 :(得分:0)

似乎改变了这个:

  - @costs.each do |cost|
      = f.fields_for cost, html: { class: "form-inline"} do |c|

到此:

= f.fields_for(:costs) do |c|

诀窍,因为现在所有成本记录都被保存了。在控制器中我现在有这个:

@declaration = Declaration.new
10.times do |n|
  @declaration.costs.build
end

我现在唯一的问题是它可以节省空的成本记录。