Ruby on rails 禁止从具有多个关系的对象生成时发生属性错误 新更新
将参数从模型移动到控制器,并使用comment_属性,而不是@vinodhikary向我指出的注释 使用better_errors REPL,我将问题追溯到Ruby on rails 禁止从具有多个关系的对象生成时发生属性错误 新更新,ruby-on-rails,ruby-on-rails-4,Ruby On Rails,Ruby On Rails 4,将参数从模型移动到控制器,并使用comment_属性,而不是@vinodhikary向我指出的注释 使用better_errors REPL,我将问题追溯到sanitize_for_mass_assignment方法。执行属性时。允许吗?返回false。但是执行attributes.permit(:article\u id,:name,:email,:body)会准确地返回que条目参数!: >> attributes => {"name"=>"Commenter", "
sanitize_for_mass_assignment
方法。执行属性时。允许吗?
返回false
。但是执行attributes.permit(:article\u id,:name,:email,:body)
会准确地返回que条目参数!:
>> attributes
=> {"name"=>"Commenter", "email"=>"commenter@mail.com", "body"=>"Here is the comment >> body!! :D"}
>> attributes.permit(:article_id, :name, :email, :body)
=> {"name"=>"Commenter", "email"=>"commenter@mail.com", "body"=>"Here is the comment body!! :D"}
>> attributes.permitted?
=> false
上下文和代码
在尝试接触Rails 4时,我遇到了(我认为)强参数使用的问题
我有一个文章类,可以有很多评论。创建新注释时,请执行以下操作:
@comment = @article.comments.build(params[:comment])
我得到以下错误(指向这条线):
ActiveModel::禁止在/articles/1/comments处出现属性错误
模型如下:
class Article < ActiveRecord::Base
validates_presence_of :title, :content
validates_uniqueness_of :title
has_many :comments, :dependent => :destroy
accepts_nested_attributes_for :comments
end
注释控制器代码为:
def create
@article = Article.find(params[:article_id])
@comment = @article.comments.build(params[:comment]) # <--- It fails here
respond_to do |format|
if @comment.save
format.html { redirect_to @comment, notice: 'Comment was successfully created.' }
format.json { render action: 'show', status: :created, location: @comment }
else
format.html { render action: 'new' }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
def创建
@article=article.find(参数[:article\u id])
@comment=@article.comments.build(params[:comment])#模型中的方法article_-params
和comment_-params
属于各自的控制器,而不属于模型中。其思想是在控制器中而不是在模型中过滤传递给模型的参数。阅读如何允许嵌套属性的属性
您的模型应如下所示:
# Articles.rb
class Article < ActiveRecord::Base
validates_presence_of :title, :content
validates_uniqueness_of :title
has_many :comments, :dependent => :destroy
accepts_nested_attributes_for :comments
end
# Comment.rb
class Comment < ActiveRecord::Base
belongs_to :article
validates_presence_of :article_id, :author, :body, :content
end
#ArticlesController.rb
def create
@article = Article.find(params[:article_id])
@comment = @article.comments.build(params[:comment])
respond_to do |format|
if @comment.save
format.html { redirect_to @comment, notice: 'Comment was successfully created.' }
format.json { render action: 'show', status: :created, location: @comment }
else
format.html { render action: 'new' }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
private
def article_params
params.require(:article).permit(:title, :content, comments_attributes: [:article_id, :author, :email, :body, :content])
end
permit params方法名称应与模型/控制器名称相同
e、 g如果模型名称为“最近发布”,则许可方法名称应为
def最近发布的参数
..............
结束Oops!是的,我把它放在模型里而不是控制器里。尽管如此(解决了评论属性中“作者”而不是“姓名”的拼写错误并删除了内容),我还是无法让它工作。我将问题追溯到sanitize\u for\u mass\u分配
方法。执行属性时。允许吗?
返回false。但是执行attributes.permit(:article\u id,:name,:email,:body)
会准确地返回输入参数!我再次完成了所有代码,并使用create代替build。它起作用了。无论如何,由于你的回复帮助我解决了我犯下的严重错误,我将其标记为正确的错误。
# Articles.rb
class Article < ActiveRecord::Base
validates_presence_of :title, :content
validates_uniqueness_of :title
has_many :comments, :dependent => :destroy
accepts_nested_attributes_for :comments
end
# Comment.rb
class Comment < ActiveRecord::Base
belongs_to :article
validates_presence_of :article_id, :author, :body, :content
end
#ArticlesController.rb
def create
@article = Article.find(params[:article_id])
@comment = @article.comments.build(params[:comment])
respond_to do |format|
if @comment.save
format.html { redirect_to @comment, notice: 'Comment was successfully created.' }
format.json { render action: 'show', status: :created, location: @comment }
else
format.html { render action: 'new' }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
private
def article_params
params.require(:article).permit(:title, :content, comments_attributes: [:article_id, :author, :email, :body, :content])
end