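I'm using devise in my project and I want to update other people's profiles from my admin panel, so that only users with the admin role can access it. Since this behaviour is very different from the default devise one, I decided to create a separate controller so I can manipulate users like normal records, but for some reason, when I update a user, the record is not updated in the database.
These are my routes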
devise_for :users, controllers: { registrations: 'users/registrations' }
root "users#index"
post "users/:id" => "users#show"
get "users/:id" => "users#show", as: :user
patch "users/:id" => "users#show"
resources :receipts
resources :notes
get "users/edit/:id" => "users#edit", as: :edit_user
This is my controller
def edit
  @user = User.find(params[:id])
end

def update
  user = User.find(params[:id])
  user.update(user_update_params)
  redirect_to user
end

private

def user_update_params
  params.require(:user).permit(:username, :names, :last_names, :guardian, :phone, :identification, :role)
end

def user_params
  if @user.debts.nil?
    params.require(:user).permit(:debts)
  else
    params.require(:user).permit(:add_debt)
  end
end
These are my views
<% if current_user && current_user.has_role?(:admin) %>
  <div class="container form-bg">
    <div class="row main">
      <div class="panel-heading">
        <div class="panel-title text-center">
          <h1 class="title">Editar usuario</h1>
          <hr />
        </div>
      </div>
      <div class="main-login main-center">
        <%= form_for @user do |f| %>
          <div class="form-group">
            <%= f.label :username, "Usuario" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-user fa" aria-hidden="true"></i></span>
                <%= f.text_field :username, autofocus: true, class: "form-control" %>
              </div>
            </div>
          </div>
          <div class="form-group">
            <%= f.label :names, "Nombres" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-user fa" aria-hidden="true"></i></span>
                <%= f.text_field :names, autofocus: true, class: "form-control" %>
              </div>
            </div>
          </div>
          <div class="form-group">
            <%= f.label :last_names, "Apellidos" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-user fa" aria-hidden="true"></i></span>
                <%= f.text_field :last_names, autofocus: true, class: "form-control" %>
              </div>
            </div>
          </div>
          <div class="form-group">
            <%= f.label :phone, "Teléfono" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-phone fa" aria-hidden="true"></i></span>
                <%= f.text_field :phone, autofocus: true, class: "form-control" %>
              </div>
            </div>
          </div>
          <div class="form-group">
            <%= f.label :identification, "Número de identification" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-envelope fa" aria-hidden="true"></i></span>
                <%= f.text_field :identification, autofocus: true, class: "form-control" %>
              </div>
            </div>
          </div>
          <div class="form-group">
            <%= f.label :guardian, "Guardian legal" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-user fa" aria-hidden="true"></i></span>
                <%= f.text_field :guardian, autofocus: true, class: "form-control" %>
              </div>
            </div>
          </div>
          <div class="form-group ">
            <label>
              <%= f.radio_button :role, "student" , :checked => true %>
              Estudiante
            </label>
            <label>
              <%= f.radio_button :role, "teacher" %>
              Profesor
            </label>
          </div>
          <div class="form-group">
            <%= f.label :password, "Contraseña" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-lock fa" aria-hidden="true"></i></span>
                <% if @minimum_password_length %>
                  <em>(<%= @minimum_password_length %> characters minimum)</em>
                <% end %>
                <%= f.password_field :password, autofocus: true, class: "form-control", autocomplete: "off" %>
              </div>
            </div>
          </div>
          <div class="form-group">
            <%= f.label :password_confirmation, "Confirmar contraseña" ,class: "cols-sm-2 control-label" %><br />
            <div class="cols-sm-10">
              <div class="input-group">
                <span class="input-group-addon"><i class="fa fa-lock fa" aria-hidden="true"></i></span>
                <%= f.password_field :password_confirmation, autofocus: true, class: "form-control", autocomplete: "off" %>
              </div>
            </div>
          </div>
          <div class="form-group ">
            <%= f.submit "Editar", class: "btn btn-primary btn-lg btn-block login-button" %>
          </div>
        <% end %>
      </div>
    </div>
    <p class="invisible">asdsadsadsdsadsad</p>
  </div>
<% else %>
  <h1>Acceso exclusivo para administradores</h1>
<% end %>
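So, after reading my stack trace, it does try to make a PATCH, but then it says the parameters are not permitted, which is weird because I already permitted them in my user_update_params method.
This appears in my trace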
Started PATCH "/users/12" for ::1 at 2017-01-28 13:20:53 -0500
Processing by UsersController#show as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"IdJKYYFVh8ZJJm/RPRJd7blfQw84Ct38KjE5tZ6fTuHFK8TG04MxUu2OtQv6wfLvFJll0EYYZa+ooxP19RqOAQ==", "user"=>{"username"=>"jimena", "names"=>"Jimena44", "last_names"=>"Delgado Díaz44", "phone"=>"214123244", "identification"=>"32312", "guardian"=>"3213123", "role"=>"student", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Editar", "id"=>"12"}
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 12]]
Unpermitted parameters: username, names, last_names, phone, identification, guardian, role, password, password_confirmation
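So, why isn't my record being updated if it even redirects as expected by the controller?
Thanks for reading.
Since you are using devise, I think you need to set it up like this: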
before_action :configure_permitted_parameters

protected

def configure_permitted_parameters
  devise_parameter_sanitizer.for(:account_update) << [:username, :names]
end
Make sure the controller inherits from Devise:
class UsersController < Devise::RegistrationsController
You can read more about it here and here, in the section on strong parameters.
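The trace in the question records which controller action handled the PATCH request and which attributes strong parameters dropped. As an added example (not code from either post), this Ruby script reads such a log and flags write requests handled by an action other than the conventional one, together with any sensitive attributes that were dropped; `audit_rails_log`, `EXPECTED_ACTIONS` and `SENSITIVE` are names assumed for the example.

```ruby
# Added example: audit a Rails request log (helper names are hypothetical).
# Conventional handler for each write verb in a RESTful controller.
EXPECTED_ACTIONS = {
  "POST" => %w[create], "PATCH" => %w[update],
  "PUT" => %w[update], "DELETE" => %w[destroy]
}.freeze

# Attributes whose rejection by strong parameters deserves a second look.
SENSITIVE = %w[role password password_confirmation].freeze

def audit_rails_log(text)
  requests = []
  text.each_line do |line|
    case line
    when /Started (\w+) "([^"]+)"/
      requests << { verb: $1, path: $2, action: nil, unpermitted: [] }
    when /Processing by ([\w:]+)#(\w+)/
      requests.last&.merge!(controller: $1, action: $2)
    when /Unpermitted parameters?: (.+)/
      requests.last&.merge!(unpermitted: $1.strip.split(/,\s*/))
    end
  end
  requests.each do |r|
    expected = EXPECTED_ACTIONS[r[:verb]]
    # Misrouted: a write verb handled by something other than its usual action.
    r[:misrouted] = !expected.nil? && !expected.include?(r[:action])
    r[:sensitive_dropped] = r[:unpermitted] & SENSITIVE
  end
end

# Sample taken from the trace in the question (the Parameters line is omitted).
SAMPLE_LOG = <<~'LOG'
  Started PATCH "/users/12" for ::1 at 2017-01-28 13:20:53 -0500
  Processing by UsersController#show as HTML
  User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 12]]
  Unpermitted parameters: username, names, last_names, phone, identification, guardian, role, password, password_confirmation
LOG

audit_rails_log(SAMPLE_LOG).each do |r|
  puts "#{r[:verb]} #{r[:path]} -> #{r[:controller]}##{r[:action]} misrouted=#{r[:misrouted]}"
  puts "  sensitive attributes dropped: #{r[:sensitive_dropped].join(', ')}"
end
```

On the sample, the PATCH to `/users/12` is reported as handled by `UsersController#show`, matching the `patch "users/:id" => "users#show"` line in the posted routes.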