ActiveModel :: MassAssignmentSecurity :: VideosController中的错误#create

时间:2013-12-24 14:01:39

标签: ruby-on-rails ruby sqlite

我在rubymine和rails中遇到以下错误,我对环境完全不熟悉,我不知道如何修复它:

  

ActiveModel :: MassAssignmentSecurity :: VideosController中的错误#create

我正在使用Rails 3.2.15& ruby 1.9.3p392(2013-02-22)[i386-mingw32]

我正在“尝试”使用上述技术构建Web应用程序。这与基本的视频租赁商店有关。我有(目前)4桌。用户,视频,租赁,流派。我稍后会添加一个购物车并使用设计登录,以及可能需要额外表格的基本自定义宝石。

当我尝试输入新视频或租借时出现此错误。我没有进入流派或用户的问题。所以我假设它与关系有关,因为当我删除它们时它起作用。

我在rubymine中使用了以下脚手架命令来创建我的4个表。

user first_name:string{25} last_name:string{25} user_name:string{25} password:string{25} address:string email:string{150} phone:string{15} dob:date verified:boolean admin:boolean

#I added the following to the resulting user.rb model file
has_many :rentals

#Below is the code generated (and slightly modified) for the user.rb model file
class User < ActiveRecord::Base
    has_many :rentals
    attr_accessible :address, :admin, :dob, :email, :first_name, :last_name, :password, :phone, :user_name, :verified
end


genre genre_title:string{50}

#I added the following to the resulting genre.rb model file
has_many :videos

#Below is the code generated (and slightly modified) for the genre.rb model file
class Genre < ActiveRecord::Base
    has_many :videos
    attr_accessible :genre_title
end



video title:string{50} genre_title:string{50} description:text purchase_price:decimal rental_price:decimal sale_price:decimal image_url:string genre:references

#I added the following to the resulting video.rb model file
has_many :rentals
belongs_to :genre

#Below is the code generated (and slightly modified) for the video.rb model file
class Video < ActiveRecord::Base
    has_many :rentals
    belongs_to :genre
    attr_accessible :description, :genre_title, :image_url, :purchase_price, :rental_price, :sale_price, :title
end



rental user:references video:references borrowed_date:datetime returned_date:datetime due_date:datetime

#I added the following to the resulting rental.rb model file
belongs_to :user
belongs_to :video

#Below is the code generated (and slightly modified) for the rental.rb model file
class Rental < ActiveRecord::Base
  belongs_to :user
  belongs_to :video
  attr_accessible :borrowed_date, :due_date, :returned_date
end

这确实产生了适当的attr_accessible线,我稍微修改了一些,因为省略了一些字段,我认为这样可以解决问题。

这应该建立表格和关系。我想要的。我说应该是因为当我进入SQLite3并输入破坏关系完整性的数据(即具有无效用户或视频ID的租用)。它允许它。所以错误不是从DB回来的(尽管应该是这样)。

我通常在SQL Server之上使用C#和Entity框架......相反,我试图在有活动记录和SQLite3的rails上学习ruby。到目前为止,这是一个缓慢而痛苦的过程,但我真的想给平台一个很好的机会,因为我听到了很多关于它的好东西。

以下是我要求添加的其他代码。我希望它有所帮助,谢谢你。

  #This is the create action from the video controller
  # POST /videos
  # POST /videos.json
  def create
    @video = Video.new(params[:video])

    respond_to do |format|
      if @video.save
        format.html { redirect_to @video, notice: 'Video was successfully created.' }
        format.json { render json: @video, status: :created, location: @video }
      else
        format.html { render action: "new" }
        format.json { render json: @video.errors, status: :unprocessable_entity }
      end
    end
  end



<!-- This is the _form.html.erb video view -->
<%= form_for(@video) do |f| %>
  <% if @video.errors.any? %>
    <div id="error_explanation">
      <h2><%= pluralize(@video.errors.count, "error") %> prohibited this video from being saved:</h2>

      <ul>
      <% @video.errors.full_messages.each do |msg| %>
        <li><%= msg %></li>
      <% end %>
      </ul>
    </div>
  <% end %>

  <div class="field">
    <%= f.label :title %><br />
    <%= f.text_field :title %>
  </div>
  <div class="field">
    <%= f.label :genre_title %><br />
    <%= f.text_field :genre_title %>
  </div>
  <div class="field">
    <%= f.label :description %><br />
    <%= f.text_area :description %>
  </div>
  <div class="field">
    <%= f.label :purchase_price %><br />
    <%= f.text_field :purchase_price %>
  </div>
  <div class="field">
    <%= f.label :rental_price %><br />
    <%= f.text_field :rental_price %>
  </div>
  <div class="field">
    <%= f.label :sale_price %><br />
    <%= f.text_field :sale_price %>
  </div>
  <div class="field">
    <%= f.label :image_url %><br />
    <%= f.text_field :image_url %>
  </div>
  <div class="field">
    <%= f.label :genre %><br />
    <%= f.text_field :genre %>
  </div>
  <div class="actions">
    <%= f.submit %>
  </div>
<% end %>



<!-- This is the new.html.erb video view -->
<h1>New video</h1>

<%= render 'form' %>

<%= link_to 'Back', videos_path %>



<!-- This is the index.html.erb video view -->
<h1>Listing videos</h1>

<table>
  <tr>
    <th>Title</th>
    <th>Genre title</th>
    <th>Description</th>
    <th>Purchase price</th>
    <th>Rental price</th>
    <th>Sale price</th>
    <th>Image url</th>
    <th>Genre</th>
    <th></th>
    <th></th>
    <th></th>
  </tr>

<% @videos.each do |video| %>
  <tr>
    <td><%= video.title %></td>
    <td><%= video.genre_title %></td>
    <td><%= video.description %></td>
    <td><%= video.purchase_price %></td>
    <td><%= video.rental_price %></td>
    <td><%= video.sale_price %></td>
    <td><%= video.image_url %></td>
    <td><%= video.genre %></td>
    <td><%= link_to 'Show', video %></td>
    <td><%= link_to 'Edit', edit_video_path(video) %></td>
    <td><%= link_to 'Destroy', video, method: :delete, data: { confirm: 'Are you sure?' } %></td>
  </tr>
<% end %>
</table>

<br />

<%= link_to 'New Video', new_video_path %>

任何帮助表示感谢。

1 个答案:

答案 0 :(得分:1)

_form中,您要为genre添加一个字段,该字段不是模型中的attr_accessible。您应该将其更改为genre_id

表示该方法的最佳方式是使用select选项,标签显示Genre_title,值为genre_id

<%= f.select :genre_id, Genre.all.map{ |g| [g.genre_title, g.id] } %>