Question

我按照答案given here创建了一个简单的动态表单（不是嵌套的）。这个想法是邀请几个人的电子邮件。然后我有一个＆＃34;添加团队成员＆＃34;按钮添加字段以输入同事电子邮件。

我收到以下错误，但我不知道原因：

InvitationsController中的ActiveModel :: ForbiddenAttributesError #create

参数：

{"utf8"=>"✓",
 "authenticity_token"=>"zLs8DWkzO+bPc2jGhFptgc+BAGAwzr1kcn/hkX/6vQbQ/cDCzuqoGCMGUTcYHs+up7nBzHFiEXVcKustyL1KIA==",
 "invitation"=>[{"email"=>"test@test.fr", "_destroy"=>"false", "user_id"=>"1"}, {"email"=>"test2@test2.fr", "_destroy"=>"false", "user_id"=>"1"}],
 "commit"=>"Save Team Members"}

我在控制器中的创建操作和invitation_params：

def create
    puts params[:invitation].to_yaml
    params[:invitation].each do |invitation_params|
     Invitation.create(invitation_params)
    end
    redirect_to invitation_path
  end

def invitation_params
      params.require(:invitation).permit(:id, :email, :user_id, :_destroy, :token)
    end

我的表格：

<%= form_for(invitation) do |f| %>
  <% if invitation.errors.any? %>
    <div id="error_explanation">
      <h2><%= pluralize(invitation.errors.count, "error") %> prohibited this invitation from being saved:</h2>

      <ul>
      <% invitation.errors.full_messages.each do |message| %>
        <li><%= message %></li>
      <% end %>
      </ul>
    </div>
  <% end %>

  <div id="container_invitations"></div>

  <%= link_to "Add a New Team Member", add_invitation_path, :method => :post, :remote => true %>

  <div class="actions">
    <%= f.submit "Save Team Members", class: "cta2" %>
  </div>
<% end %>

add_invitation控制器操作（动态添加字段）：

def add_invitation
    respond_to do |format|
      format.js
    end
  end

add_invitation.js.erb：

$('#container_invitations').append("<%= escape_javascript(render :partial => 'invitation_fields_render') %>");
$('.remove_fields').on('click', function(e) {
  $(this).parent().remove();
});

_invitation_fields_render.html.erb（带字段的部分）

<div class="new_invitation_row">
 <%= email_field_tag "invitation[][email]", nil, placeholder: "Team Member Email", :required => 'required' %>
 <%= hidden_field_tag "invitation[][_destroy]", nil, value: false %>
 <a class="remove-link remove_fields dynamic" href="#"><i class="fa fa-trash fa-lg" title="Remove"></i></a>
 <%= hidden_field_tag "invitation[][user_id]", nil, value: current_user.id %>
</div>

我的邀请模式：

class Invitation < ActiveRecord::Base
  has_secure_token

  belongs_to :user
end

谢谢。

更新

我添加了由IngoAlbers提出的新的params.permit行。我仍然得到错误。以下是错误的完整堆栈跟踪：

开始发布＆＃34; /邀请＆＃34;对于127.0.0.1在2017-12-01 07:49:02 +0000   通过InvitationsController处理#create as HTML参数：   {＆＃34; UTF8＆＃34; = GT;＆＃34;✓＆＃34 ;,   ＆＃34; authenticity_token＆＃34; = GT;＆＃34; pV5wQj3QHXksNEtJ8nZSjWDc8VyHiewVCt4A1 + ijH8G5GIyNmgmOh8BBcrhuMvCiCOQw8MYlQAQkiwprX + To5w ==＆＃34 ;,   ＆＃34;邀请＆＃34; =＆gt; [{＆＃34;电子邮件＆＃34; =＆gt;＆＃34; test@test.fr"，＆＃34; _destroy＆＃34; =＆gt;＆＃ 34;假＆＃34 ;,   ＆＃34; user_id＆＃34; =＆gt;＆＃34; 1＆＃34;}]，＆＃34;提交＆＃34; =＆gt;＆＃34;保存团队成员＆＃34;}用户负载（0.4ms）   SELECT＆＃34;用户＆＃34;。* FROM＆＃34;用户＆＃34;用户＆＃34;。＆＃34; id＆＃34; =？订购   ＃＆34;用户＆＃34;＆＃34; ID＆＃34; ASC限制？ [[＆＃34; id＆＃34;，1]，[＆＃34; LIMIT＆＃34;，1]] CoreBot Load   （0.2ms）SELECT＆＃34; core_bots＆＃34;。* FROM＆＃34; core_bots＆＃34;在哪里＆＃34; core_bots＆＃34;。＆＃34; id＆＃34;   =？限制？ [[＆＃34; id＆＃34;，1]，[＆＃34; LIMIT＆＃34;，1]]在4ms内完成500内部服务器错误（ActiveRecord：0.6ms）

::加载ActiveModel ForbiddenAttributesError   （::加载ActiveModel ForbiddenAttributesError）：
  app / controllers / invitations_controller.rb：35：block in create' app/controllers/invitations_controller.rb:34:in每个＆＃39;   app / controllers / invitations_controller.rb：34：在`create＆＃39;渲染   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb   在救援/布局内渲染   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/_source.html.erb   渲染   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/_source.html.erb   （5.3ms）渲染   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb呈现   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb(2.5ms ）渲染   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb   渲染   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb   （1.5ms）呈现   /Users/nicolasleroux/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/actionpack-5.0.6/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb   在救援/布局（93.1ms）内

Answer 1

问题是invitation是一个数组。所以你实际上需要允许invitation_params中的数组。

def invitation_params
  params.permit(invitation: [:id, :email, :user_id, :_destroy, :token])
end

此外，您在创建操作本身时遇到问题。您实际上并未使用已定义的允许参数。它应该看起来像这样：

def create
  invitation_params[:invitation].each do |invitation|
    Invitation.create(invitation)
  end

  redirect_to invitation_path
end

Rails：ForbiddenAttributesError用于动态简单表单

1 个答案: