密码,Password_Confirmation ActiveModel :: MassAssignmentSecurity ::错误:

时间:2013-11-24 12:22:06

标签: ruby-on-rails security testing passwords

我正在使用Rails教程,但我已经陷入困境。我正在尝试使用密码和password_confirmation。

我收到了错误:

  15) User when password confirmation is nil 
 Failure/Error: @user = User.new(name: "Example User", email: "user@example.com", password: "foobar", password_confirmation: "foobar")
 ActiveModel::MassAssignmentSecurity::Error:
   Can't mass-assign protected attributes: password, password_confirmation
 # ./spec/models/user_spec.rb:5:in `new'
 # ./spec/models/user_spec.rb:5:in `block (2 levels) in <top (required)>'

Finished in 0.21758 seconds
25 examples, 15 failures

Failed examples:

rspec ./spec/models/user_spec.rb:8 # User 
rspec ./spec/models/user_spec.rb:9 # User 
rspec ./spec/models/user_spec.rb:10 # User 
rspec ./spec/models/user_spec.rb:11 # User 
rspec ./spec/models/user_spec.rb:12 # User 
rspec ./spec/models/user_spec.rb:14 # User 
rspec ./spec/models/user_spec.rb:17 # User when name is not present 
rspec ./spec/models/user_spec.rb:21 # User when name is too long 
rspec ./spec/models/user_spec.rb:25 # User when email format is invalid should be invalid
rspec ./spec/models/user_spec.rb:33 # User when email format is invalid when email format is valid should be valid
rspec ./spec/models/user_spec.rb:47 # User when email address is already taken 
rspec ./spec/models/user_spec.rb:55 # User when email address is already taken 
rspec ./spec/models/user_spec.rb:59 # User when password is not present 
rspec ./spec/models/user_spec.rb:63 # User when password doesn't match confirmation 
rspec ./spec/models/user_spec.rb:67 # User when password confirmation is nil

所有错误都是出于同样的原因。

User.rb 

class User < ActiveRecord::Base
  attr_accessible :email, :name
  before_save { |user| user.email = email.downcase }
  validates :name, presence: true, length: { maximum: 50 }
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
    validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {     case_sensitive: false }
  #has_secure_password
  has_many :event
end

user_spec.rb 

require 'spec_helper'

describe User do
    before do
        @user = User.new(name: "Example User", email: "user@example.com", password: "foobar", password_confirmation: "foobar")
    end
    subject { @user }
    it { should respond_to(:name) }
    it { should respond_to(:email) }
    it { should respond_to(:password_digest) }
    it { should respond_to(:password) }
    it { should respond_to(:password_confirmation) }

任何想法都会受到赞赏。

1 个答案:

答案 0 :(得分:1)

password, :password_confirmation

中将attr_accessible添加到user.rb 
attr_accessible :name, :email, :password, :password_confirmation

attr_accessible方法获取可访问的属性列表。其他属性将受到保护,请参阅Mass Assignment

相关问题
最新问题