Ruby on rails 4 由于强参数,嵌套表单参数不起作用
我有一个模型声明,它有很多成本:Ruby on rails 4 由于强参数,嵌套表单参数不起作用,ruby-on-rails-4,Ruby On Rails 4,我有一个模型声明,它有很多成本: class Declaration < ActiveRecord::Base has_many :costs accepts_nested_attributes_for :costs end class Cost < ActiveRecord::Base belongs_to :declaration end 当然还有表格,所以当我提交表格时,我会在日志中看到: Started POST "/users/3/declarations"
class Declaration < ActiveRecord::Base
has_many :costs
accepts_nested_attributes_for :costs
end
class Cost < ActiveRecord::Base
belongs_to :declaration
end
当然还有表格,所以当我提交表格时,我会在日志中看到:
Started POST "/users/3/declarations" for 127.0.0.1 at 2013-09-05 19:12:38 +0200
Processing by DeclarationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"mhaznOuBy/zj7LA/nIpDTy7X2u5UrR+0jleJsFid/JU=", "declaration"=>{"user_id"=>"3", "cost"=>{"cost_date(3i)"=>"", "cost_date(2i)"=>"", "cost_date(1i)"=>"", "projectuser_id"=>"", "description"=>"", "amount_foreign"=>"", "rate"=>"", "amount"=>""}}, "commit"=>"Opslaan", "user_id"=>"3"}
User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."id" = 3 ORDER BY "users"."id" ASC LIMIT 1
Unpermitted parameters: cost
那么,为什么我要获得一个未经许可的参数cost
更新:声明表格添加如下:
- if can? :create, Declaration
= form_for [current_user, @declaration] do |f|
= f.hidden_field :user_id, value: current_user.id
.row
.page-header
.span7
%h1.title
%i{ class: "icon-coffee icon-large" }
= I18n.t('.declaration.add_title')
.span5
.action
- if can? :create, Declaration
= link_to I18n.t('.general.cancel'), user_declarations_path(current_user), class: 'btn'
= f.submit(class: 'btn', value: I18n.t('.general.save'))
.row
.span12
= render "layouts/error_messages", target: @declaration
.row
.span12
= render "form", f: f
以及呈现形式:
.row
.span12
%table.table.table-striped#declarations
%thead
%tr
%th= I18n.t('.cost.cost_date')
%th= I18n.t('.cost.project')
%th= I18n.t('.cost.description')
%th= I18n.t('.cost.amount_foreign')
%th= I18n.t('.cost.rate')
%th= I18n.t('.cost.amount')
%tbody
- @costs.each do |cost|
= f.fields_for cost, html: { class: "form-inline"} do |c|
%tr
%td{ "data-title" => "#{I18n.t('.cost.cost_date')}" }= c.date_select :cost_date, { include_blank: true, default: nil }
%td{ "data-title" => "#{I18n.t('.cost.project')}" }= c.collection_select :projectuser_id, @projectusers, :id, :full_name, include_blank: true
%td{ "data-title" => "#{I18n.t('.cost.description')}" }= c.text_field :description, class: "input-large"
%td{ "data-title" => "#{I18n.t('.cost.amount_foreign')}" }= c.text_field :amount_foreign, class: "input-small", type: :number, step: "any"
%td{ "data-title" => "#{I18n.t('.cost.rate')}" }= c.text_field :rate, class: "input-small", type: :number, step: "any"
%td{ "data-title" => "#{I18n.t('.cost.amount')}" }= c.text_field :amount, class: "input-small", type: :number, step: "any"
有许可证!我收到以下错误消息:
Started POST "/users/3/declarations" for 127.0.0.1 at 2013-09-09 09:29:44 +0200
Processing by DeclarationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"jQwy7psQwixneWF8DezrR/Wo5VKU/dpfz+sosiatm9c=", "declaration"=>{"user_id"=>"3", "cost"=>{"cost_date(3i)"=>"", "cost_date(2i)"=>"", "cost_date(1i)"=>"", "projectuser_id"=>"", "description"=>"", "amount_foreign"=>"", "rate"=>"", "amount"=>""}}, "commit"=>"Opslaan", "user_id"=>"3"}
User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."id" = 3 ORDER BY "users"."id" ASC LIMIT 1
Completed 500 Internal Server Error in 6ms
ArgumentError - wrong number of arguments (6 for 0):
app/controllers/declarations_controller.rb:70:in `declaration_params'
app/controllers/declarations_controller.rb:21:in `create'
第一印象是您返回了三个cost_date参数。我认为这需要作为数组返回。您的参数将是:
def declaration_params
params.require(:declaration).permit(:approval_date, :submit_date, :status, :user_id, :declaration_number,
costs_attributes: [:id, :description, :amount_foreign, :rate, :amount, :projectuser_id, :cost_date =>[]])
end
然后,您的web服务器将无法恢复:
... "cost"=>{"cost_date(3i)"=>"", "cost_date(2i)"=>"", "cost_date(1i)"=>"",...
它应该得到:
"cost"=>{"cost_date"=>["","",""],...
虽然没有看到形式,我不知道这是否是你想要实现的 似乎要改变这一点:
- @costs.each do |cost|
= f.fields_for cost, html: { class: "form-inline"} do |c|
为此:
= f.fields_for(:costs) do |c|
因为现在所有的成本记录都被保存了。在控制器中,我现在有:
@declaration = Declaration.new
10.times do |n|
@declaration.costs.build
end
我现在剩下的唯一问题是它保存了空的成本记录。您可以发布表单的html.erb吗?另外,您可以通过更改
params.require(:声明)。permit…
到params.require(:声明)。permit来运行一些疑难解答吗代码>查看发生了什么?我还没有研究许可证代码>方法,让您觉得它足够安全,可以在生产中使用,但它会突出显示Rails单数/复数是否有问题,即成本与成本…可能是它基于获得三个参数拒绝了整个成本哈希值“cost”=>{“cost\u date(3i)”=>,“cost\u date(2i)”=>,“cost\u date(1i)”=>“
从表单中?它将cost_date(1i)识别为:cost_date参数?具有许可证!它返回:“参数数目错误(0为6)”?可能与我添加的视图重复。那么,您是否尝试过上述代码?您是否应该获得3个不同的cost_date()返回的参数?对于一个表行来说这似乎很奇怪。这里的成本日期似乎不是问题。使用10.times do
将提供十条新记录,无论发生什么情况。您应该使用。每个方法。即成本。每个do…
等等。
@declaration = Declaration.new
10.times do |n|
@declaration.costs.build
end