列入白名单的属性的未允许参数错误

时间:2014-09-05 02:19:07

标签: ruby ruby-on-rails-4 nested-attributes strong-parameters fields-for

我正在使用rails开发一种基于网络的游戏。我的目标是设置一个表单,允许用户通过用户更新表单在用户/显示页面上创建一个堡垒。我一直在使用嵌套的属性和关联来尝试解决问题,但我一直遇到错误。

我已经在我的模型中设置了关联:

class Fort < ActiveRecord::Base

  belongs_to :user

end


class User < ActiveRecord::Base

  has_many :forts

  accepts_nested_attributes_for :forts

... (omitted validations)

end

我已经设置了我的用户控制器,其中包含更新和编辑操作:

def edit

    @user = User.find(params[:id])

end

def update

    @user = User.find(params[:id])

    @user.forts.build(params[:user][:forts])

    if @user.update_attributes(user_params)

    render @user


    else

        render 'users/show'

    end
end

用户/节目视图中的我的表单如下所示:

<%= form_for @user do |f| %>

  <%= f.fields_for :fort do |builder| %>
      <%= builder.label :name, "Name" %>
      <%= builder.text_field :name %>
      <%= builder.label :ownership, "Ownership" %>
      <%= builder.text_field :ownership %>
  <% end %>
    <%= f.submit %>
<% end %>

我的路线(我不认为它们在这里很重要,但以防万一),

BR::Application.routes.draw do
    resources :users
    resources :sessions, only: [:new, :create, :destroy]
    resources :forts
    resources :encampments

    root 'home#home'
    match '/signup',  to: 'users#new',            via: 'get'
    match '/signin',  to: 'sessions#new',            via: 'get'
    match '/signout',  to: 'sessions#destroy',            via: 'delete'

最后我的参数写成:

    def user_params

        params.require(:user).permit(:name, :email, :username, :password, :password_confirmation, forts_attributes: [ :name, :xco, :yco, :territory, :ownership ])

    end

我在上面的

之间徘徊
    def user_params

        params.require(:user).permit(:name, :email, :username, :password, :password_confirmation, forts_ids: [ :name, :xco, :yco, :territory, :ownership ])

    end

    def user_params

        params.require(:user).permit(:name, :email, :username, :password, :password_confirmation, :forts => [ :name, :xco, :yco, :territory, :ownership ])

    end

基于我在其他Stack Overflow线程上看到的不同协议。这些排列都没有奏效。

他们都在日志中抛出了这个错误:

Unpermitted parameters: fort

整个过程如下:

Started PATCH "/users/1" for 127.0.0.1 at 2014-09-04 20:35:02 -0400
Processing by UsersController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"srybKv+WDZubO4ez+kiwfTYZvrP4tZYe9QoxQaMgmPk=", "user"=>{"fort"=>{"name"=>"test2", "ownership"=>"43"}}, "commit"=>"Update User", "id"=>"1"}
  User Load (0.2ms)  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", "1"]]
Unpermitted parameters: fort
   (0.1ms)  begin transaction
  User Exists (0.3ms)  SELECT 1 AS one FROM "users" WHERE (LOWER("users"."email") = LOWER('ascottpedersen@gmail.com') AND "users"."id" != 1) LIMIT 1
   (0.1ms)  rollback transaction
  Rendered users/show.html.erb within layouts/application (49.2ms)
  User Load (0.4ms)  SELECT "users".* FROM "users" WHERE "users"."remember_token" = '0705e5d60cc1be62fa51d8e407683e79f730a3b2' LIMIT 1
Completed 200 OK in 173ms (Views: 66.1ms | ActiveRecord: 5.1ms)

我很确定我点缀了我的并且穿过了我的T,但现在我拉着我的头发试图找出我的错误。你们给予的任何帮助都会得到永远的回报。我仍然可以想象的唯一问题是我在用户/节目视图中添加了更新表单,但我几乎可以肯定这是一件好事。

再次感谢,

Alex P

2 个答案:

答案 0 :(得分:0)

由于您的has_many :forts模型中存在User关系,此行

<%= f.fields_for :fort do |builder| %>

应该是

<%= f.fields_for :forts do |builder| %> 

我想这会给你带来麻烦。

答案 1 :(得分:0)

您的参数名称与user_params方法中的参数名称不匹配:一个有fort,另一个有forts

此外,要使嵌套属性起作用,传递给fields_for的名称必须与关联名称匹配(即:forts

这会导致forts的参数位于forts_attributes键下(因此应该进入user_params,但只有在您将调用更改为{{1}之后}})