我将一些参数发布到我的Rails4应用程序中的远程URL,来自/ orders /:id route with show controller method。
从我的应用程序和服务发送到服务的参数将一堆参数返回到我的应用程序的/ fail或/ success页面,具体取决于响应是否成功。我可以从日志中看到传入的参数。
我想在订单控制器中使用此参数创建一个OrderTransaction,我该怎么做?
orders_controller.rb
def success
### I would like to create an OrderTransaction here with the incoming parameters!
@transaction = OrderTransaction.new(????????)
end
def fail
### I would like to create an OrderTransaction here with the incoming parameters!
@transaction = OrderTransaction.new(????????)
end
日志中的传入参数=>
Started POST "/orders/fail" for 127.0.0.1 at 2014-06-01 13:40:28 +0300
Processing by OrdersController#fail as HTML
Parameters:
{
"TRANID"=>"",
"type"=>"Auth",
"refreshtime"=>"5",
"lang"=>"tr",
"amount"=>"30",
"ACQBIN"=>"490740",
"clientIp"=>"193.140.28.145",
"name"=>"AKBANK",
"cardHolderName"=>"dsadas dasdsa",
"okUrl"=>"http://localhost:3000/orders/success",
"failUrl"=>"http://localhost:3000/orders/fail",
"storetype"=>"3d_pay_hosting",
"Response"=>"Declined"
....
}
order.rb =>
class Order < ActiveRecord::Base
belongs_to :user
belongs_to :participation
has_one :transaction, :class_name => "OrderTransaction"
end
order_transaction.rb =&gt;
class OrderTransaction < ActiveRecord::Base
belongs_to :order
end
routes.rb =&gt;
post 'orders/success' => 'orders#success'
post 'orders/fail' => 'orders#fail'
resources :orders, only: [:index, :new, :create, :show]
orders_controller.rb =&gt;
require 'digest/sha1'
class OrdersController < ApplicationController
before_filter :authenticate_user!
before_action :set_order, only: [:show, :edit, :update, :destroy]
skip_before_action :verify_authenticity_token
def index
@orders = Order.all
end
def show
@hashing = {
clientid: POS['clientid'],
oid: Time.now.to_i.to_s,
amount: @order.participation.examination.exam_fees.first.fee.to_s,
okUrl: POS['okUrl'],
failUrl: POS['failUrl'],
islemtipi:POS['islemtipi'],
taksit: '',
rnd: Time.now.to_i.to_s,
}
end
# GET /orders/new
def new
@order = Order.new
end
def create
@order = Order.new(order_params)
@order.user_id = current_user.id
respond_to do |format|
if @order.save
...
else
...
end
end
end
def success
### I would like to create an OrderTransaction here with the incoming parameters!
@transaction = OrderTransaction.new(????????)
end
def fail
### I would like to create an OrderTransaction here with the incoming parameters!
@transaction = OrderTransaction.new(????????)
end
private
def set_order
@order = Order.find(params[:id])
end
def order_params
params.require(:order).permit(:id, :user_id, :participation_id, :amount, :cardHolderName)
end
end
订单/ show.html.erb =&GT;
<%= simple_form_for(@order, html:{class: "well"}, :url => "https://testsanalpos.est.com.tr/servlet/est3Dgate", :method => :post) do |f| %>
<% @hashing.each do |k, v| %>
<%= f.input k, input_html: {name: k, value: v}, as: :hidden %>
<% end %>
<%= f.button :submit, "Approve" %>
<% end %>
答案 0 :(得分:1)
你可以这样做:
#app/controllers/orders_controller.rb
def success
Orders.new(order_params)
end
private
def order_params
params.permit(:client_ip, :etc, :etc)
end
-
这将使用Rails中的传统strong_params模式,它只会将您需要的参数列入白名单。考虑到您的params hash填充了远程服务中的数据