设计不允许使用的强参数:avatar

时间:2019-02-28 02:58:04

标签: ruby-on-rails devise carrierwave

我已经在application_controller as per the documentation中设置了用于设计的自定义参数。但是,当我使用:avatar图像提交表单时,会在控制台中显示不允许的参数错误。

我正在使用带有载波1.0的导轨5进行上传,并设计了4.4.1。据我所知,这是可行的,我希望有人可以帮助我弄清楚我在做什么错。

控制台:

Processing by RegistrationsController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"RHtEqjx50kMKQuIsHQoR3vjjzK1v3mDM3j4N8K2HSb+r3uFtlkrBmDFdpCi/SB5iB92WGB5cBB5ZlBaIYk0PTQ==", "user"=>{"username"=>"testuser3", "email"=>"testuser3@gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "current_password"=>"[FILTERED]", "avatar"=>#<ActionDispatch::Http::UploadedFile:0x00007fb1582c5e50 @tempfile=#<Tempfile:/tmp/RackMultipart20190228-9699-1ypcbkw.jpg>, @original_filename="1-mens-spiky-undercut-haircut.jpg", @content_type="image/jpeg", @headers="Content-Disposition: form-data; name=\"user[avatar]\"; filename=\"1-mens-spiky-undercut-haircut.jpg\"\r\nContent-Type: image/jpeg\r\n">}, "commit"=>"Update"}
  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? ORDER BY "users"."id" ASC LIMIT ?  [["id", 4], ["LIMIT", 1]]
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 4], ["LIMIT", 1]]
Unpermitted parameter: :avatar
   (0.1ms)  begin transaction
   (0.0ms)  commit transaction
Redirected to https://81cd3c30040546168ef9f84eb7714203.vfs.cloud9.us-east-2.amazonaws.com/
Completed 302 Found in 160ms (ActiveRecord: 0.5ms)

Application_controller:

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_action :channel_variable
  before_action :configure_permitted_parameters, if: :devise_controller?

    def channel_variable
    @channels = Channel.all.order('created_at desc')
    end

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:avatar, :avatar_cache, :remove_avatar])
    devise_parameter_sanitizer.permit(:sign_in, keys: [:avatar, :avatar_cache, :remove_avatar])
    devise_parameter_sanitizer.permit(:account_update, keys: [:avatar, :avatar_cache, :remove_avatar])
  end

end

app / views / devise / registrations / edit.html.erb:

      <%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
        <%= f.error_notification %>


          <div class="field">
            <div class="control">
              <%= f.input :username, required: true,  input_html: { class: "input"}, wrapper: false, label_html: { class: "label" } %>
            </div>
          </div>

          <div class="field">
            <div class="control">
              <%= f.input :email, required: true, input_html: { class: "input"}, wrapper: false, label_html: { class: "label" } %>
            </div>
          </div>

          <div class="field">
          <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
            <p>Currently waiting confirmation for: <%= resource.unconfirmed_email %></p>
          <% end %>
          </div>

          <div class="field">
            <div class="control">
            <%= f.input :password, autocomplete: "off", hint: "leave it blank if you don't want to change it", required: false, input_html: { class: "input"}, wrapper: false, label_html: { class: "label" } %>
            </div>
          </div>

          <div class="field">
            <div class="control">
            <%= f.input :password_confirmation, required: false, input_html: { class: "input"}, wrapper: false, label_html: { class: "label" } %>
            </div>
          </div>

          <div class="field">
            <div class="control">
              <%= f.input :current_password, hint: "we need your current password to confirm your changes", required: true, input_html: { class: "input"}, wrapper: false, label_html: { class: "label" } %>
            </div>
        </div>

          <div class="field">
           <div class="control">
          <%= f.file_field :avatar %>
          </div>
          </div>

        <%= f.button :submit, "Update", class:"button is-info" %>

      <% end %>

1 个答案:

答案 0 :(得分:2)

用下面的代码替换方法configure_permitted_parameters。让我知道是否出现相同的错误。

protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up) { |u| u.permit(:username, :email, :password,
      :password_confirmation, :remember_me, :avatar, :avatar_cache, :remove_avatar) }

    devise_parameter_sanitizer.permit(:sign_in, keys: [:avatar, :avatar_cache, :remove_avatar])

    devise_parameter_sanitizer.permit(:account_update) { |u| u.permit(:username, :email, :password,
      :password_confirmation, :current_password, :avatar, :avatar_cache, :remove_avatar) }
  end