我尝试更新现有用户:
的控制器 - 片段
def account_settings
@user = current_user
end
def set_account_info
old_user = current_user
# verify the current password by creating a new user record.
@user = User.authenticate_by_username(old_user.username, params[:user][:password])
# verify
if @user.nil?
@user = current_user
@user.errors[:password] = "Das eingegebene Passwort ist falsch."
render :action => "account_settings"
else
# update the user with any new username and email
@user.update(params[:user])
# Set the old email and username, which is validated only if it has changed.
@user.previous_email = old_user.email
@user.previous_username = old_user.username
if @user.valid?
# If there is a new_password value, then we need to update the password.
@user.password = @user.new_password unless @user.new_password.nil? || @user.new_password.empty?
@user.save
flash[:notice] = 'Benutzerkonto-Einstellungen wurden übernommen.'
redirect_to :root
else
flash[:error] = @user.username
render :action => "account_settings"
end
end
end
我已经尝试了post-put,put-和patch-method
路线-片段
Calendar::Application.routes.draw do
root "welcome#index"
get "user/account_settings" => "user#account_settings"
patch "user/account_settings" => "user#set_account_info"
end
用户-模型
class User < ActiveRecord::Base
attr_accessible :email, :username, :previous_email, :previous_username, :password, :password_confirmation, :new_password, :new_password_confirmation
attr_accessor :password, :new_password, :previous_email, :previous_username
before_save :encrypt_password
validates_confirmation_of :password
validates_confirmation_of :new_password, :if => Proc.new {|user| !user.new_password.nil? && !user.new_password.empty? }
validates_presence_of :password, :on => :create
validates_presence_of :email, :if => Proc.new {|user| user.previous_email.nil? || user.email != user.previous_email}
validates_presence_of :username, :if => Proc.new {|user| user.previous_username.nil? || user.username != user.previous_username}
validates_uniqueness_of :email, :if => Proc.new {|user| user.previous_email.nil? || user.email != user.previous_email}
validates_uniqueness_of :username, :if => Proc.new {|user| user.previous_username.nil? || user.username != user.previous_username}
def initialize(attributes = {})
super # must allow the active record to initialize!
attributes.each do |name, value|
send("#{name}=", value)
end
end
def self.authenticate_by_email(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def self.authenticate_by_username(username, password)
user = find_by_username(username)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
Flash-Notice flash[:error] = @user.username会输入新用户名,因此我不明白为什么用户未在数据库中更新。
首先我认为我的set_account_info - 方法不对,但我不知道如何检查输入。
其次我将form_for方法从默认(post)更改为{{1}然后到put,但这也没有帮助。
答案 0 :(得分:2)
使用rails 4 attr_accessible不再使用,相反我们现在有强大的参数。这意味着你现在需要告诉应用程序它可以更新哪些参数(白名单)。
现在,这一切都在控制器中完成,我将举例说明我的工作,看看它是否可以帮助你完成你的方案
class ExampleController < ApplicationController
def create
@object= Object.new(my_params)
if @object.save
redirect_to root_path, notice: 'Object Successfully Created'
else
render action: 'new'
end
end
def update
@object= Object.find(params[:id])
if @object.update_attributes(my_params)
redirect_to root_path, notice: 'Object updated'
else
render action: 'edit'
end
end
private
def my_params
params.require(:object).permit(:id, :title, :overview, :category_id,
nested_attributes: [:id, :gallery_id, :gallery_category_id, :photo, :_destroy])
end