1错误禁止此用户保存:密码不能为空

时间:2013-11-10 09:41:17

标签: ruby-on-rails

当我参加Rails Tutorial(Michael Hartl)的第6课时,有一个问题:1个错误禁止此用户被保存:密码不能为空。

gem'bcrypt-ruby'

这是我的用户模型

   class User < ActiveRecord::Base
  has_many :microposts
  attr_accessor  :name ,:email
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :name,  presence: true, length: { maximum: 50 }
  validates :email, presence: true , format: { with: VALID_EMAIL_REGEX }
  before_save { self.email = email.downcase }
  has_secure_password
end

我已创建用户,现在显示

 Processing by UsersController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"4TpdKJZ3BeSxpH4pWUK4L1LwzBvJmBo/4MHnYlGQsmQ=", "user"=>{"name"=>"tom", "email"=>"tom@gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Create User"}

Unpermitted parameters: password, password_confirmation

用户控制器

  class UsersController < ApplicationController
      before_action :set_user, only: [:show, :edit, :update, :destroy]

      # GET /users
      # GET /users.json
      def index
        @users = User.all
      end

      # GET /users/1
      # GET /users/1.json
      def show
      end

      # GET /users/new
      def new
        @user = User.new
      end

      # GET /users/1/edit
      def edit
      end

      # POST /users
      # POST /users.json
      def create
        @user = User.new(user_params)

        respond_to do |format|
          if @user.save
            format.html { redirect_to @user, notice: 'User was successfully created.' }
            format.json { render action: 'show', status: :created, location: @user }
          else
            format.html { render action: 'new' }
            format.json { render json: @user.errors, status: :unprocessable_entity }
          end
        end
      end

      # PATCH/PUT /users/1
      # PATCH/PUT /users/1.json
      def update
        respond_to do |format|
          if @user.update(user_params)
            format.html { redirect_to @user, notice: 'User was successfully updated.' }
            format.json { head :no_content }
          else
            format.html { render action: 'edit' }
            format.json { render json: @user.errors, status: :unprocessable_entity }
          end
        end
      end

      # DELETE /users/1
      # DELETE /users/1.json
      def destroy
        @user.destroy
        respond_to do |format|
          format.html { redirect_to users_url }
          format.json { head :no_content }
        end
      end

      private
        # Use callbacks to share common setup or constraints between actions.
        def set_user
          @user = User.find(params[:id])
        end

        # Never trust parameters from the scary internet, only allow the white list through.
        def user_params
          params.require(:user).permit(:name, :email)
        end
    end

如何解决这个问题“未经许可的参数”?感谢

1 个答案:

答案 0 :(得分:2)

您需要将未经许可的参数添加到

def user_params
  params.require(:user).permit(:name, :email, :password, :password_confirmation)
end

PS我认为你应该读一下strong_parameters

相关问题
最新问题