Ruby on rails 未经允许的参数::utf8,:真实性\u令牌-Rails 5.2表单\u
我要用这个把头发扯下来。我在带有嵌套资源的表单_上获得了一个未经许可的参数。我使用的是Rails 5.2.1和Ruby 2.5 我不知道我在这件事上到底出了什么问题。我尝试过各种不同的站点参数,但没有成功。任何帮助都将不胜感激 这是我的路线。rb:Ruby on rails 未经允许的参数::utf8,:真实性\u令牌-Rails 5.2表单\u,ruby-on-rails,ruby,Ruby On Rails,Ruby,我要用这个把头发扯下来。我在带有嵌套资源的表单_上获得了一个未经许可的参数。我使用的是Rails 5.2.1和Ruby 2.5 我不知道我在这件事上到底出了什么问题。我尝试过各种不同的站点参数,但没有成功。任何帮助都将不胜感激 这是我的路线。rb: resources :locations do post 'sites', to: 'sites#custom_create', as: :site_custom resources :sites, except: [:edit, :
resources :locations do
post 'sites', to: 'sites#custom_create', as: :site_custom
resources :sites, except: [:edit, :update, :show]
end
以及相关的控制器功能:
def new
verify_site_name or return
@site = @location.sites.new
authorize @site
@available_site = AvailableSite.find_by(site_name: params[:site_name])
@finder_results = get_finder_results([:site_name], @location)
end
def create
verify_site_name or return
@site = @location.sites.new(site_params)
authorize @site
respond_to do |format|
if @site.save
format.html { redirect_to location_sites_path, notice: 'Location was successfully created.' }
format.json { render :show, status: :created, site: @site }
else
format.html { redirect_to location_sites_path, alert: "#{@site.errors.full_messages.first}" }
format.json { render json: @site.errors, status: :unprocessable_entity }
end
end
end
# Never trust parameters from the scary internet, only allow the white list through.
def site_params
params.permit(:location_id, :place_id, :site_name, :review_url)
end
# Use callbacks to share common setup or constraints between actions.
def set_site
@site = Site.find(params[:id])
end
def set_location
@location = Location.friendly.find(params[:location_id])
end
当然,形式本身:
<%= form_with(model: [@location, @site], local: true, class: 'site-form') do |form| %>
<%= hidden_field_tag(:site_name, @available_site.site_name) %>
<div class="field md:w-3/4 lg:w-2/3 mx-auto text-left">
<%= form.text_field :review_url, class: 'text-input', placeholder: 'https://www.facebook.com/yourbusinessname/review/?ref=page_internal' %>
<span class="form-required">*required</span>
</div>
<%= form.submit "Manually Submit #{@available_site.site_name.titleize}", class: 'btn btn-green btn-outline' %>
<% end %>
尝试:
site
的参数嵌套在Params[:site]
中。您应该首先从所有参数中取出此哈希,然后对其调用permit
。现在你正在清理所有参数(包括一些你显然不感兴趣的东西,如utf8
或authenticity\u token
)。我之前尝试过,但不幸的是,这只会让我走上无法呈现新路径的道路。我得到一个错误:param丢失或值为空:site我认为这是由于在新控制器操作中调用params函数造成的(请参见上面的问题)。想法?为什么在#新建操作中需要site_参数
?通常会被称为“AvailableSite.new”的是。啊,我试着改变它,这样我就不用调用site\u-params[:site\u-name]
而是调用params[:site\u-name]
。它在视图中使用。但是为什么在new
中需要这些参数呢?因为它们用于确定新视图。
Started POST "/locations/tekamar-mortgages-ltd/sites" for 127.0.0.1 at 2018-12-03 15:30:57 +0000
Processing by SitesController#custom_create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"l/DjkUbVNyw+nrXxo1B/9IGru043Ftroxy8FcuNcZuxmJ7V3j0gC8njm5kpGPT8c7tMWSaAR/ler3cSHY+t8aA==", "site"=>{"site_name"=>"google", "review_url"=>"https://www.yelp.ca/biz/your-busines-sname?utm_campaign=www_business_share_popup&utm_medium=copy_link&utm_source=(direct)"}, "commit"=>"Create Site", "location_id"=>"tekamar-mortgages-ltd"}
Location Load (0.8ms) SELECT "locations".* FROM "locations" WHERE "locations"."slug" = $1 LIMIT $2 [["slug", "tekamar-mortgages-ltd"], ["LIMIT", 1]]
↳ app/controllers/sites_controller.rb:78
User Load (1.9ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 1], ["LIMIT", 1]]
↳ /Users/richsmith/.rvm/gems/ruby-2.5.1/gems/activerecord-5.2.1/lib/active_record/log_subscriber.rb:98
Unpermitted parameters: :utf8, :authenticity_token, :site, :commit
Redirected to http://localhost:3000/locations/tekamar-mortgages-ltd/sites
Completed 302 Found in 13ms (ActiveRecord: 2.6ms)
def site_params
params.require(:site).permit(:location_id, :place_id, :site_name, :review_url)
end