Ruby on rails Rails 5-禁止属性
Rails在尝试创建时抛出了一个错误,当时我已将所有属性添加到必要的函数中,并在正确的位置引用了它(据我所知)。可以成功更新。不幸的是,它发生在多个控制器之间。我想他们所有人的问题都是一样的 这是升级到rails 5(以前是rails 2)的一部分。Ruby版本:2.6.3 创建函数:Ruby on rails Rails 5-禁止属性,ruby-on-rails,ruby,strong-parameters,Ruby On Rails,Ruby,Strong Parameters,Rails在尝试创建时抛出了一个错误,当时我已将所有属性添加到必要的函数中,并在正确的位置引用了它(据我所知)。可以成功更新。不幸的是,它发生在多个控制器之间。我想他们所有人的问题都是一样的 这是升级到rails 5(以前是rails 2)的一部分。Ruby版本:2.6.3 创建函数: def create @shipment_method = ShipmentMethod.new(shipment_methods_params) respond_to do |format|
def create
@shipment_method = ShipmentMethod.new(shipment_methods_params)
respond_to do |format|
if @shipment_method.save
format.html { redirect_to shipment_methods_url, notice: 'Shipment method was successfully created.' }
format.json { render json: @shipment_method, status: :created, location: @shipment_method }
else
format.html { render action: "new" }
format.json { render json: @shipment_method.errors, status: :unprocessable_entity }
end
end
end
def shipment_methods_params
params.require(:shipment_method).permit(:name, :description, :shipping_url, :active, :supports_tracking, :requires_phone)
end
参数函数:
def create
@shipment_method = ShipmentMethod.new(shipment_methods_params)
respond_to do |format|
if @shipment_method.save
format.html { redirect_to shipment_methods_url, notice: 'Shipment method was successfully created.' }
format.json { render json: @shipment_method, status: :created, location: @shipment_method }
else
format.html { render action: "new" }
format.json { render json: @shipment_method.errors, status: :unprocessable_entity }
end
end
end
def shipment_methods_params
params.require(:shipment_method).permit(:name, :description, :shipping_url, :active, :supports_tracking, :requires_phone)
end
请求参数:
Request parameters
{"utf8"=>"✓", "authenticity_token"=>"KjPFsCA5xwgeIx4U3eOH4sA1IuYY5FSw6kvK16XyyKarEzlxSi6N04LFBdsJHWyIwt+ujv6gz9D+flYBeJ+pWA==", "shipment_method"=>{"name"=>"1", "description"=>"1", "shipping_url"=>"1", "active"=>"0", "supports_tracking"=>"0", "requires_phone"=>"0"}, "commit"=>"Create Shipment method", "controller"=>"shipment_methods", "action"=>"create"}
请求的服务器日志:
Processing by ShipmentMethodsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"KjPFsCA5xwgeIx4U3eOH4sA1IuYY5FSw6kvK16XyyKarEzlxSi6N04LFBdsJHWyIwt+ujv6gz9D+flYBeJ+pWA==", "shipment_method"=>{"name"=>"1", "description"=>"1", "shipping_url"=>"1", "active"=>"0", "supports_tracking"=>"0", "requires_phone"=>"0"}, "commit"=>"Create Shipment method"}
User Load (0.6ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 5 ORDER BY `users`.`id` ASC LIMIT 1
Completed 500 Internal Server Error in 4ms (ActiveRecord: 0.6ms)
ActiveModel::ForbiddenAttributesError - ActiveModel::ForbiddenAttributesError:
全班:
class ShipmentMethod < ActiveRecord::Base
# public :description, :active, :name, :requires_phone, :supports_tracking, :shipping_url
## Associations
has_many :shipments
## Validations
validates :name, presence: true, uniqueness: true
## Scopes
default_scope -> {order(:name)}
scope :active, -> {where("active = 1")}
end
class ShipmentMethod{order(:name)}
作用域:活动,->{where(“active=1”)}
终止
如果在控制器中的操作之前有一个加载和授权资源
,则发生的情况是该方法在到达该方法之前获取您的参数并尝试创建实例。因此,它会忽略您创建的强参数
因此,当然,它永远不会到达方法和BAM——可怕的FAE
一个补救办法是调整之前的行动
load_and_authorize_resource :shipment_method, except: [:create]
authorize_resource :shipment_method, only: [:create]
但这很无聊
另一个是将强参数方法的名称更改为shipping\u method\u params
def shipment_method_params
params.require(:shipment_method).permit(:name, :description, :shipping_url, :active, :supports_tracking, :requires_phone)
end
因为,Rails及其对惯例的热爱。如果对这些操作有不同的参数,您还可以分别设置
create_params
和update_params
。是否可以发布ShipmentMethod类?我在日志中看到,正在加载id为5的用户模型,这是当前的用户值吗?ShipmentMethod是否依赖于用户?这里的模型上是否有一个before_save或其他回调,它会接触用户并验证某些内容?我怀疑这可能与某些依赖项有关。发布了类-我相信用户模型加载该类是由于页面的cancancan授权,但我会进行调查。抱歉-我指的是ShipmentMethod模型本身-而不是控制器。发布了模型,不确定我在想什么!这是在折磨我可怜的大脑。注释掉create方法中的所有内容会导致相同的错误,因此我正在管道中的其他位置进行搜索。在禁止属性错误:
行之后的日志中是否有更多详细信息?我希望有更多的细节可以帮助。。。