在我的应用中,我需要通过一个提交按钮同时更新一组用户。但是,每当我按提交时,在我的控制台中,我都会收到错误,
Unpermitted parameters: 1, 3, 4, 2
Unpermitted parameters: 1, 3, 4, 2
Unpermitted parameters: 1, 3, 4, 2
Unpermitted parameters: 1, 3, 4, 2
Unpermitted parameters: 1, 3, 4, 2
Update_collection如下所示:
Parameters: {"utf8"=>"✓", "authenticity_token"=>"GWT/QI3w/uqcsTAy58iPRfb4UqVNn5+cExQuKx72uJ9W3t0CrkkkOvDc4ZvVS7Uh88JtQ7awenoERT/qww37eQ==", "user"=>{"1"=>{"username"=>"Bob", "sunday"=>"8", "monday"=>"7", "tuesday"=>"09", "wednesday"=>"986", "thursday"=>"765", "friday"=>"321", "saturday"=>"432"}, "3"=>{"username"=>"Mike", "sunday"=>"76", "monday"=>"098", "tuesday"=>"40", "wednesday"=>"243", "thursday"=>"986", "friday"=>"7536", "saturday"=>"07"}, "4"=>{"username"=>"George", "sunday"=>"", "monday"=>"", "tuesday"=>"", "wednesday"=>"", "thursday"=>"", "friday"=>"", "saturday"=>""}, "2"=>{"username"=>"Admin", "sunday"=>"", "monday"=>"", "tuesday"=>"", "wednesday"=>"", "thursday"=>"", "friday"=>"", "saturday"=>""}}, "commit"=>"Submit"}
我认为它所说的地方,"user"=>{"1"=>{etc...}}是我的问题所在,但考虑到这些是动态哈希,我不知道如何允许它们,即使在允许它们之后,我也不会希望它们更新,因为它们不属于单个用户模型,只是阵列本身。
users_controller.rb
class UsersController < ApplicationController
# before_filter :authenticate_user!
before_action :set_user, only: [:show, :edit, :update, :destroy]
# GET /users
# GET /users.json
def index
@users = User.all
end
# GET /users/1
# GET /users/1.json
def show
end
# GET /users/new
def new
@user = User.new
end
def update_collection
@users = User.all
@users.each do |user|
if collect_params[:password].blank?
collect_params.delete(:password)
collect_params.delete(:password_confirmation)
end
successfully_updated = if needs_password?(user, collect_params)
user.update(collect_params)
else
user.update_without_password(collect_params)
end
#respond_to do |format|
#if user.update(collect_params)
#format.html { redirect_to user, notice: 'User was successfully updated.' }
#format.json { render :show, status: :ok, location: user }
# else
#format.html { render :edit }
# format.json { render json: user.errors, status: :unprocessable_entity }
#end
#end
end
end
# GET /users/1/edit
def edit
end
# POST /users
# POST /users.json
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /users/1
# PATCH/PUT /users/1.json
def update
if user_params[:password].blank?
user_params.delete(:password)
user_params.delete(:password_confirmation)
end
successfully_updated = if needs_password?(@user, user_params)
@user.update(user_params)
else
@user.update_without_password(user_params)
end
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
protected
def needs_password?(user, params)
params[:password].present?
end
# DELETE /users/1
# DELETE /users/1.json
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = User.find(params[:id])
end
def collect_params
params.require(:user).permit(:role_id, :username, :password, :password_confirmation, :monday, :tuesday, :wednesday, :thursday, :friday, :saturday, :sunday)
end
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
params.require(:user).permit(:role_id, :username, :password, :password_confirmation, :monday, :tuesday, :wednesday, :thursday, :friday, :saturday, :sunday)
end
end
我的表单代码:
<%= form_tag update_collection_users_path, method: :put do |form| %>
<% @users.each do |user| %>
<%= fields_for "user[]", user do |f| %>
<% if @user.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
<ul>
<% @user.errors.full_messages.each do |message| %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :username %><br>
<%= f.text_field :username %>
</div>
<div class="field">
<%= f.label :sunday %><br>
<%= f.text_field :sunday %>
</div>
<div class="field">
<%= f.label :monday %><br>
<%= f.text_field :monday %>
</div>
<div class="field">
<%= f.label :tuesday %><br>
<%= f.text_field :tuesday %>
</div>
<div class="field">
<%= f.label :wednesday %><br>
<%= f.text_field :wednesday %>
</div>
<div class="field">
<%= f.label :thursday %><br>
<%= f.text_field :thursday %>
</div>
<div class="field">
<%= f.label :friday %><br>
<%= f.text_field :friday %>
</div>
<div class="field">
<%= f.label :saturday %><br>
<%= f.text_field :saturday %>
</div>
<div class="actions">
<%= f.submit %>
</div>
<% end %>
<% end %>
<%= submit_tag "Submit" %>
<% end %>