I am using Rails 3.2.14 with the inherited_resources and strong_parameters gems.
I commented out:
#config.active_record.whitelist_attributes = false (in production.rb)
#config.active_record.mass_assignment_sanitizer = :strict (in development.rb)
and added this to an initializer:
ActiveRecord::Base.send(:include, ActiveModel::ForbiddenAttributesProtection)
But I keep getting this mass-assignment error, where name is not assigned to the model, which causes the generate_slug function to fail:
Started POST "/inventory" for 192.168.1.74 at 2013-10-09 16:24:31 +1300
Processing by ProductsController#create as JSON
Parameters: {"name"=>"Jjkm", "sku"=>"Jimm", "product"=>{"name"=>"Jjkm"}}
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1
Company Load (0.2ms) SELECT "companies".* FROM "companies" WHERE "companies"."id" = $1 LIMIT 1 [["id", "1"]]
WARNING: Can't mass-assign protected attributes: name
(0.3ms) BEGIN
(0.1ms) COMMIT
CompaniesUser Load (0.5ms) SELECT "companies_users".* FROM "companies_users" WHERE "companies_users"."user_id" = 1 AND "companies_users"."company_id" = 1 LIMIT 1
.........#<Product id: nil, name: nil, description: nil, avaliable_on: nil, deleted_at: nil, meta_description: nil, meta_keywords: nil, created_at: nil, updated_at: nil, company_id: 1, slug: nil, cid: nil, product_type_id: nil, vendor_id: nil, url_1: nil, url_2: nil, state: "inactive", created_by: nil, model_no: nil>
(0.2ms) BEGIN
(0.2ms) ROLLBACK
Completed 500 Internal Server Error in 13ms
NoMethodError (undefined method `parameterize' for nil:NilClass):
app/models/product.rb:117:in `generate_slug'
app/controllers/products_controller.rb:13:in `create'
app/controllers/application_controller.rb:80:in `scope_current_company'
Model:
class Product < ActiveRecord::Base
  before_validation :generate_slug

  def generate_slug
    self.slug ||= name.parameterize
  end
end
Controller:
class ProductsController < ResourceController
  load_and_authorize_resource :except => [:index]

  def create
    logger.info ".........#{@product.inspect}"
    @product.created_by = current_user.username
    create!
  end

  def build_resource_params
    [params.require(:product).permit(*permitted_product_attributes)]
  end
end

permitted_product_attributes = [
  :url_1, :url_2, :sku, :avaliable_on, :type_name, :deleted_at, :description, :meta_description, :meta_keywords,
  :name, :cost_price, :model_no, :init_count_on_hand, :vendor_name, :is_infinite, :init_warehouse, :created_by
]
My gem list:
Using rake (10.1.0)
Using i18n (0.6.5)
Using multi_json (1.8.1)
Using activesupport (3.2.14)
Using builder (3.0.4)
Using activemodel (3.2.14)
Using erubis (2.7.0)
Using journey (1.0.4)
Using rack (1.4.5)
Using rack-cache (1.2)
Using rack-test (0.6.2)
Using hike (1.2.3)
Using tilt (1.3.7)
Using sprockets (2.2.2)
Using actionpack (3.2.14)
Using mime-types (1.25)
Using polyglot (0.3.3)
Using treetop (1.4.15)
Using mail (2.5.4)
Using actionmailer (3.2.14)
Using active_utils (2.0.1)
Using arbre (1.0.1)
Using sass (3.2.12)
Using thor (0.18.1)
Using bourbon (3.1.8)
Using bcrypt-ruby (3.1.2)
Using orm_adapter (0.4.0)
Using rack-ssl (1.3.3)
Using json (1.8.0)
Using rdoc (3.12.2)
Using railties (3.2.14)
Using atomic (1.1.14)
Using thread_safe (0.1.3)
Using warden (1.2.3)
Using devise (3.1.1)
Using formtastic (2.2.1)
Using has_scope (0.6.0.rc)
Using responders (1.0.0)
Using inherited_resources (1.4.1)
Using jquery-rails (2.1.4)
Using kaminari (0.14.1)
Using arel (3.0.2)
Using tzinfo (0.3.38)
Using activerecord (3.2.14)
Using polyamorous (0.5.0)
Using meta_search (1.1.3)
Using activeresource (3.2.14)
Using bundler (1.3.5)
Using rails (3.2.14)
Using activeadmin (0.6.1)
Using money (5.1.1)
Using mini_portile (0.5.1)
Using nokogiri (1.6.0)
Using activemerchant (1.38.1)
Using activerecord-import (0.4.1)
Using ancestry (2.0.0)
Using angular-ui-bootstrap-rails (0.6.0.0)
Using angularjs-rails (1.0.8)
Using best_in_place (2.1.0)
Using bootstrap-wysihtml5-rails (0.3.1.23)
Using cancan (1.6.10)
Using highline (1.6.19)
Using net-ssh (2.7.0)
Using net-scp (1.1.2)
Using net-sftp (2.1.2)
Using net-ssh-gateway (1.2.0)
Using capistrano (2.15.5)
Using capistrano_colors (0.5.5)
Using xpath (2.0.0)
Using capybara (2.1.0)
Using carrierwave (0.9.0)
Using carrierwave_backgrounder (0.3.0)
Using timers (1.1.0)
Using celluloid (0.15.2)
Using ffi (1.9.0)
Using childprocess (0.3.9)
Using chronic (0.10.2)
Using ci_reporter (1.9.0)
Using ckeditor (4.0.6)
Using client_side_validations (3.2.6)
Using simple_form (2.1.0)
Using client_side_validations-simple_form (2.1.0)
Using coffee-script-source (1.6.3)
Using execjs (2.0.2)
Using coffee-script (2.2.0)
Using coffee-rails (3.2.2)
Using turbolinks (1.1.1)
Using client_side_validations-turbolinks (1.1.1)
Using cliver (0.2.2)
Using coderay (1.0.9)
Using commonjs (0.2.7)
Using connection_pool (1.1.0)
Using country_select (1.2.0)
Using daemons (1.1.9)
Using deep_cloneable (1.5.5)
Using devise_invitable (1.3.0)
Using diff-lcs (1.2.4)
Using ejs (1.1.1)
Using eventmachine (1.0.3)
Using http_parser.rb (0.5.3)
Using em-websocket (0.5.0)
Using exception_notification (4.0.1)
Using excon (0.25.3)
Using factory_girl (4.2.0)
Using factory_girl_rails (4.2.1)
Using multipart-post (1.2.0)
Using faraday (0.8.8)
Using formatador (0.2.4)
Using ruby-hmac (0.4.0)
Using fog (1.15.0)
Using font-awesome-rails (3.2.1.3)
Using rb-fsevent (0.9.3)
Using rb-inotify (0.9.2)
Using listen (2.0.1)
Using lumberjack (1.0.4)
Using method_source (0.8.2)
Using slop (3.4.6)
Using pry (0.9.12.2)
Using guard (2.0.3)
Using guard-jasmine (1.18.3)
Using guard-livereload (2.0.0)
Using rspec-core (2.14.5)
Using rspec-expectations (2.14.3)
Using rspec-mocks (2.14.3)
Using rspec (2.14.1)
Using guard-rspec (3.1.0)
Using haml (4.0.3)
Using hashie (2.0.5)
Using httpauth (0.2.0)
Using jasminerice (0.0.10)
Using jquery-datatables-rails (1.11.2) from git://github.com/rweng/jquery-datatables-rails.git (at master)
Using jquery-fileupload-rails (0.4.1)
Using jquery-ui-rails (4.0.5)
Using jwt (0.1.8)
Using less (2.4.0)
Using less-rails (2.4.2)
Using libv8 (3.16.14.3)
Using subexec (0.2.3)
Using mini_magick (3.6.0)
Using newrelic_rpm (3.6.7.159)
Using ng-rails-csrf (0.1.0)
Using oauth (0.4.7)
Using oauth2 (0.8.1)
Using oj (2.1.6)
Using omniauth (1.1.4)
Using omniauth-oauth2 (1.1.1)
Using omniauth-facebook (1.4.1)
Using omniauth-oauth (1.0.1)
Using pg (0.17.0)
Using websocket-driver (0.3.0)
Using poltergeist (1.4.1)
Using pr_geohash (1.0.0)
Using quiet_assets (1.0.2)
Using rabl (0.8.6)
Using rack-protection (1.5.0)
Using rails-backbone (0.9.10)
Using redis (3.0.5)
Using redis-namespace (1.3.1)
Using redis_pagination (1.0.0)
Using ref (1.0.5)
Using rsolr (1.0.9)
Using rspec-rails (2.14.0)
Using rubyzip (0.9.9)
Using rvm (1.11.3.8)
Using rvm-capistrano (1.5.1)
Using sass-rails (3.2.6)
Using websocket (1.0.7)
Using selenium-webdriver (2.35.1)
Using sidekiq (2.15.1)
Using sinatra (1.3.6)
Using temple (0.6.7)
Using slim (1.3.8)
Using state_machine (1.2.0)
Using strong_parameters (0.2.1)
Using sunspot (2.0.0)
Using sunspot_rails (2.0.0)
Using sunspot_solr (2.0.0)
Using therubyracer (0.12.0)
Using thin (1.5.1)
Using turbo-sprockets-rails3 (0.3.10)
Using twitter-bootstrap-rails (2.2.8)
Using uglifier (2.2.1)
Using whenever (0.8.4)
Using wicked_pdf (0.9.7)
Using yajl-ruby (1.1.0)
Answer 0 (score: 1)
Forgot to remove:
class ActiveRecord::Base
  attr_accessible
  attr_accessor :accessible

  private

  def mass_assignment_authorizer(role = :default)
    if accessible == :all
      self.class.protected_attributes
    else
      super + (accessible || [])
    end
  end
end
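
Why a leftover patch like the one in this answer reproduces the log in the question, as an added example (a plain-Ruby sketch, not code from the post, Rails or strong_parameters). It assumes that a bare `attr_accessible` leaves an empty whitelist and that the non-strict sanitizer drops rejected keys with a warning; `permit`, `sanitize`, `create_product`, `PERMITTED` and `REQUEST` are hypothetical names.

```ruby
# Plain-Ruby model of the two filters; a sketch, not Rails or strong_parameters source.
PERMITTED = %w[name sku description].freeze   # stands in for permitted_product_attributes

# Layer 1 (strong parameters): keep only the keys the controller permits.
def permit(raw, keys)
  raw.select { |k, _| keys.include?(k) }
end

# Layer 2 (attr_accessible whitelist with the non-strict sanitizer):
# keys outside the whitelist are dropped with a warning instead of raising.
# whitelist = nil models "no whitelist configured"; [] models a bare `attr_accessible`.
def sanitize(attrs, whitelist, log)
  return attrs if whitelist.nil?
  rejected = attrs.keys - whitelist
  log << "WARNING: Can't mass-assign protected attributes: #{rejected.join(', ')}" unless rejected.empty?
  attrs.reject { |k, _| rejected.include?(k) }
end

# Mirrors the before_validation callback from the question.
def generate_slug(attrs)
  attrs['name'].downcase.gsub(/[^a-z0-9]+/, '-')   # stand-in for String#parameterize
end

def create_product(raw, whitelist:)
  log = []
  attrs = sanitize(permit(raw, PERMITTED), whitelist, log)
  { slug: generate_slug(attrs), log: log }
rescue NoMethodError => e
  # name was silently stripped by layer 2, so the slug callback hit nil
  { error: e.class.name, log: log }
end

# Constructed request body, shaped like params[:product]; 'admin' is an
# attribute the controller never permits.
REQUEST = { 'name' => 'Jjkm', 'admin' => 'true' }.freeze

LEFTOVER_PATCH = create_product(REQUEST, whitelist: [])   # bare attr_accessible on the base class
PATCH_REMOVED  = create_product(REQUEST, whitelist: nil)  # only strong parameters filter input
```

With the empty whitelist in place, the permitted `name` is stripped after strong parameters has already accepted it; with the whitelist gone, strong parameters alone still rejects the unpermitted `admin` key.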