Parameters: {"utf8"=>"✓",
"authenticity_token"=>"mxj1M1VOCWZ5Xk79VqR6qoS6v/McZRpoXkwmhEI/i2c=",
"event"=>{"title"=>"dshs", "organizer"=>"aha", "location"=>"afa",
"sdatetime"=>"2014-03-24 13:30:00.000000",
"edatetime"=>"2014-03-28 13:35:00.000000",
"short_description"=>"shgshsgh", "contact_name"=>"shsh",
"contact_phone"=>"8989989", "email"=>"nak@isro.com", "venue"=>"aaaaaaaa",
"domain_ids"=>[""], "category_ids"=>["1", "3", "4", ""],
"eligible_ids"=>["2", "3", "4", ""],
"events_description"=>"<p>ssssssssssssssssssss</p>\r\n"},
"url"=>"", "region"=>"india", "commit"=>"Submit Event", "id"=>"15"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = 2 ORDER BY "users"."id" ASC LIMIT 1
Event Load (0.2ms) SELECT "events".* FROM "events" WHERE "events"."id" = ? LIMIT 1 [["id", "15"]]
Unpermitted parameters: domain_ids, category_ids, eligible_ids
所以,我试过这个:Event.rb
attr_accessible :blahblahs,:category_ids,
:domain_ids, :eligible_ids
当然,我将它包含在Event.rb中:
has_and_belongs_to_many :categories
has_and_belongs_to_many :domains
has_and_belongs_to_many :eligibles
我在events_controller
中也尝试过这个params.require(:event).permit(:blahblahs,:category_ids,
:domain_ids, :eligible_ids)
问题是模型是通过rails控制台更新的
当我使用event=event.find(z) event.category_ids=[x,y]时 - 它正在更新模型。
我正在使用输入复选框
事件控制器操作:
def new
@event = Event.new
@event.categories.build
@event.domains.build
@event.eligibles.build
end
def create
@event = Event.new(event_params)
@event.categories.build
@event.domains.build
@event.eligibles.build
@event.user_id = current_user.id
respond_to do |format|
if @event.save
format.html { redirect_to @event, notice: 'Event was successfully created.' }
format.json { render action: 'show', status: :created, location: @event }
else
format.html { render action: 'new' }
format.json { render json: @event.errors, status: :unprocessable_entity }
end
end
def update
@event = Event.find(params[:id])
@event.categories.build
@event.domains.build
@event.eligibles.build
respond_to do |format|
if @event.update_attributes(event_params)
format.html { redirect_to @event, notice: 'Event was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: @event.errors, status: :unprocessable_entity }
end
end
end
private
# Use callbacks to share common setup or constraints between actions.
# Never trust parameters from the scary internet, only allow the white list through.
def event_params
params.require(:event).permit(:title,:organizer,:venue,:location,
:short_description,:sdatetime,:edatetime,:contact_name,
:contact_phone, :email,
:events_description,:user_id)
end
end
我哪里错了?
有人可以帮我理解在控制器和permit中使用attr_accessible吗?
感谢。
答案 0 :(得分:0)
Permit 返回一个仅包含的新ActionController :: Parameters实例 给定的过滤器并设置对象的允许属性 真正。这对于限制应该允许哪些属性很有用 用于大规模更新。
params = ActionController::Parameters.new(user: { name: 'Francesco', age: 22, role: 'admin' })
permitted = params.require(:user).permit(:name, :age)
permitted.permitted? # => true
permitted.has_key?(:name) # => true
permitted.has_key?(:age) # => true
permitted.has_key?(:role) # => false
attr_accessible 指定可以通过质量分配设置的模型属性的白名单。
在rails 4中已弃用{p>attr_accessible,要在导轨4中访问它,您需要将protected_attributes添加到Gemfile
然后回到你的问题
变化:
def event_params
params.require(:event).permit(:title,:organizer,:venue,:location,
:short_description, :sdatetime,:edatetime,
:contact_name, :contact_phone, :email,
:events_description,:user_id)
end
为:
def event_params
params.require(:event).permit(:title,:organizer,:venue,:location,
:short_description, :sdatetime,:edatetime,
:contact_name, :contact_phone, :email,
:events_description,:user_id,:category_ids,
:domain_ids, :eligible_ids)
end
你应该没事。
答案 1 :(得分:0)
问题是当我使用event = event.find(z)event.category_ids = [x,y]时,模型正在通过rails控制台进行更新 - 它正在更新模型。
permit方法与attr_accessible方法不同,它停止访问/更新模型外的字段。 permit方法将用户发送请求时要设置的属性列入白名单。因为,您正在控制台更新您的字段,而不是来自请求参数,它将更新它。