rails 4 strong params ForbiddenAttributesError



I can't seem to find the problem. In my Admin::CompetitionsController < ApplicationController I have:

  def create
      respond_to do |format|
          if @competition.save(competition_params)
              format.html {
                  flash[:success] =  'Success!'
                  redirect_to competition_path
              }
          else
              format.html {
                  render :action => 'edit'
              }
          end
      end
  end

  def competition_params
      params.require(:competition).permit(:name, :date, :sex, :category, :country_id, :description, :article, :result)
  end

My migration looks like this:

  create_table :competitions do |t|
      t.string :name
      t.date :date
      t.integer :sex
      t.integer :category
      t.integer :country_id
      t.string :article
      t.string :result
      t.string :description
    end

This is my form:

<%= form_for [:admin, @competition], :html => {:class => "form"} do |f| %>
    <div class="form-group">
      <%= f.label :name %>
      <%= f.text_field :name, :class => 'form-control' %>
    </div>
    <div class="form-group">
      <%= f.label :date %>
      <%= f.date_select :date, :class => 'form-control' %>
    </div>
    <div class="form-group">
      <%= f.label "Gender" %>
      <%= f.select "sex", options_for_select(@sex), :class => 'form-control' %>
      <%= f.label :category %>
      <%= f.select "category", options_for_select(@category), :class => 'form-control' %>
    </div>
    <div class="form-group">
      <%= f.select :country_id, Country.all.collect { |country| [country.name, country.id] },
                   { :prompt => "Select Country" } %>
    </div>
    <div class="form-group">
      <%= f.label :description %>
      <%= f.text_area :description, :class => 'form-control', :rows=>5 %>
    </div>

    <div class="form-group">
      <%= f.label :article %>
      <%= f.text_field :article, :class => 'form-control' %>
    </div>
    <div class="form-group">
      <%= f.label :result %>
      <%= f.text_field :result, :class => 'form-control' %>
    </div>

    <%= f.submit :class=>'btn btn-primary'  %>
<% end %>

The request parameters I get:

{"utf8"=>"✓",
 "authenticity_token"=>"hFayDADwjR0ZfhKZfnHKbzJntwDrzHiZ/3H61LcJsEA=",
 "competition"=>{"name"=>"",
 "date(1i)"=>"2013",
 "date(2i)"=>"11",
 "date(3i)"=>"22",
 "sex"=>"1",
 "category"=>"1",
 "country_id"=>"",
 "description"=>"",
 "article"=>"",
 "result"=>""},
 "commit"=>"Create Competition"}

Every time, I get ActiveModel::ForbiddenAttributesError. I tried permitting different parameters, but without success. I don't know what else to try.

Full error page:

ActiveModel::ForbiddenAttributesError in Admin::CompetitionsController#create
ActiveModel::ForbiddenAttributesError
Rails.root: /home/linux/RubymineProjects/Tabor
Application Trace | Framework Trace | Full Trace
activemodel (4.0.0) lib/active_model/forbidden_attributes_protection.rb:21:in `sanitize_for_mass_assignment'
activerecord (4.0.0) lib/active_record/attribute_assignment.rb:21:in `assign_attributes'
activerecord (4.0.0) lib/active_record/core.rb:192:in `initialize'
activerecord (4.0.0) lib/active_record/inheritance.rb:27:in `new'
activerecord (4.0.0) lib/active_record/inheritance.rb:27:in `new'
cancan (1.6.10) lib/cancan/controller_resource.rb:85:in `build_resource'
cancan (1.6.10) lib/cancan/controller_resource.rb:66:in `load_resource_instance'
cancan (1.6.10) lib/cancan/controller_resource.rb:32:in `load_resource'
cancan (1.6.10) lib/cancan/controller_resource.rb:25:in `load_and_authorize_resource'
cancan (1.6.10) lib/cancan/controller_resource.rb:10:in `block in add_before_filter'
activesupport (4.0.0) lib/active_support/callbacks.rb:447:in `_run__2070627161148806707__process_action__callbacks'
activesupport (4.0.0) lib/active_support/callbacks.rb:80:in `run_callbacks'
actionpack (4.0.0) lib/abstract_controller/callbacks.rb:17:in `process_action'
actionpack (4.0.0) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.0.0) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
activesupport (4.0.0) lib/active_support/notifications.rb:159:in `block in instrument'
activesupport (4.0.0) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.0.0) lib/active_support/notifications.rb:159:in `instrument'
actionpack (4.0.0) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.0.0) lib/action_controller/metal/params_wrapper.rb:245:in `process_action'
activerecord (4.0.0) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.0.0) lib/abstract_controller/base.rb:136:in `process'
actionpack (4.0.0) lib/abstract_controller/rendering.rb:44:in `process'
actionpack (4.0.0) lib/action_controller/metal.rb:195:in `dispatch'
actionpack (4.0.0) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.0.0) lib/action_controller/metal.rb:231:in `block in action'
actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:80:in `call'
actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:80:in `dispatch'
actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:48:in `call'
actionpack (4.0.0) lib/action_dispatch/journey/router.rb:71:in `block in call'
actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:in `each'
actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:in `call'
actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:655:in `call'
warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
warden (1.2.3) lib/warden/manager.rb:34:in `catch'
warden (1.2.3) lib/warden/manager.rb:34:in `call'
rack (1.5.2) lib/rack/etag.rb:23:in `call'
rack (1.5.2) lib/rack/conditionalget.rb:35:in `call'
rack (1.5.2) lib/rack/head.rb:11:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/flash.rb:241:in `call'
rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/cookies.rb:486:in `call'
activerecord (4.0.0) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.0.0) lib/active_record/connection_adapters/abstract/connection_pool.rb:626:in `call'
activerecord (4.0.0) lib/active_record/migration.rb:369:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.0.0) lib/active_support/callbacks.rb:373:in `_run__3850854791608649842__call__callbacks'
activesupport (4.0.0) lib/active_support/callbacks.rb:80:in `run_callbacks'
actionpack (4.0.0) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/reloader.rb:64:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.0.0) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.0.0) lib/rails/rack/logger.rb:21:in `block in call'
activesupport (4.0.0) lib/active_support/tagged_logging.rb:67:in `block in tagged'
activesupport (4.0.0) lib/active_support/tagged_logging.rb:25:in `tagged'
activesupport (4.0.0) lib/active_support/tagged_logging.rb:67:in `tagged'
railties (4.0.0) lib/rails/rack/logger.rb:21:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
rack (1.5.2) lib/rack/runtime.rb:17:in `call'
activesupport (4.0.0) lib/active_support/cache/strategy/local_cache.rb:83:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
actionpack (4.0.0) lib/action_dispatch/middleware/static.rb:64:in `call'
railties (4.0.0) lib/rails/engine.rb:511:in `call'
railties (4.0.0) lib/rails/application.rb:97:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
rack (1.5.2) lib/rack/content_length.rb:14:in `call'
rack (1.5.2) lib/rack/handler/webrick.rb:60:in `service'
/home/linux/.rvm/rubies/ruby-2.1.0-preview1/lib/ruby/2.1.0/webrick/httpserver.rb:138:in `service'
/home/linux/.rvm/rubies/ruby-2.1.0-preview1/lib/ruby/2.1.0/webrick/httpserver.rb:94:in `run'
/home/linux/.rvm/rubies/ruby-2.1.0-preview1/lib/ruby/2.1.0/webrick/server.rb:295:in `block in start_thread'
Request
Parameters:
{"utf8"=>"✓",
 "authenticity_token"=>"N8DJKWtnMtunizyY4oGBuGNiL9UNIc63sM2PHWxpXtY=",
 "competition"=>{"name"=>"",
 "date(1i)"=>"2013",
 "date(2i)"=>"11",
 "date(3i)"=>"22",
 "sex"=>"1",
 "category"=>"1",
 "country_id"=>"",
 "description"=>"",
 "article"=>"",
 "result"=>""},
 "commit"=>"Create Competition"}

Try changing the whitelist to handle the multi-part date parameters:

def competition_params
  params.require(:competition).permit(:name, :"date(1i)", :"date(2i)", :"date(3i)", :sex, :category, :country_id, :description, :article, :result)
end

Also, this code doesn't look right:

if @competition.save(competition_params)

Assuming you have already assigned a Competition instance to @competition, you should use update_attributes:

if @competition.update_attributes(competition_params)

Otherwise, assign first:

@competition = Competition.new(competition_params)
if @competition.save

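This is caused by CanCan trying to assign the attributes before the controller code runs. You will need to add a before_action to assign new_user, rather than doing it in the controller action.

Also make sure that create_and_authorize_resource comes after the before_action.

For details, see this issue.

The answer above worked well for me. Here is a code sample for anyone who needs it.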

class WhateversController < ApplicationController
  before_action :cancan_rails4_hack
  load_and_authorize_resource
  def cancan_rails4_hack
     @event = Event.new
  end
end

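CanCan does not work with Rails 4. Use CanCanCan instead.

By default, CanCan will try to sanitize the input on :create and :update by checking whether the controller responds to the following methods (in order):

  • create_params or update_params (depending on the action you are performing)
  • _params, such as article_params (this is the default convention in Rails for naming the param method)
  • resource_params (which can be specified in each controller)

In addition, load_and_authorize_resource can now take a param_method option to specify a custom method in the controller to run to sanitize the input.

I have finished the port; you just need to replace the line in the Gemfile with: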

gem 'cancancan', '~> 1.10'

Link here: https://github.com/CanCanCommunity/cancancan
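
The failure and the fix discussed in the answers above, as an added plain-Ruby simulation (not code from the question, CanCan or CanCanCan): a resource built from unpermitted params before the action runs, versus one built through a params method resolved in the order quoted above. `Params`, `build_unsanitized`, `resolve_param_method` and `build_sanitized` are hypothetical names, and trying `param_method` first is an assumption.

```ruby
# Plain-Ruby simulation: no Rails or CanCan is loaded; every class here is constructed.
class ForbiddenAttributesError < StandardError; end

# Stand-in for ActionController::Parameters: unpermitted until #permit is called.
Params = Struct.new(:data, :permitted) do
  def permitted?; permitted == true; end
  def require(key); Params.new(data.fetch(key)); end
  def permit(*keys); Params.new(data.slice(*keys), true); end
end

# Stand-in model: refuses mass assignment from unpermitted params.
class Competition
  attr_reader :attributes
  def initialize(attrs)
    raise ForbiddenAttributesError unless attrs.permitted?
    @attributes = attrs.data
  end
end

class CompetitionsController
  attr_reader :params
  def initialize(raw)
    @params = Params.new(raw)
  end

  private

  def competition_params
    params.require(:competition).permit(:name, :sex, :category)
  end
end

# Old behaviour: the resource is built from raw params before the action runs.
def build_unsanitized(controller, key)
  Competition.new(controller.params.require(key))
end

# Lookup order from the answer; param_method is tried first (assumption).
def resolve_param_method(controller, action, key, param_method: nil)
  [param_method, "#{action}_params", "#{key}_params", "resource_params"]
    .compact.find { |name| controller.respond_to?(name, true) }
end

def build_sanitized(controller, action, key, **opts)
  name = resolve_param_method(controller, action, key, **opts)
  Competition.new(name ? controller.send(name) : controller.params.require(key))
end

RAW = { competition: { name: "Cup", sex: "1", category: "1", id: "7" } }.freeze # constructed
```

`build_unsanitized(CompetitionsController.new(RAW), :competition)` raises `ForbiddenAttributesError`, while `build_sanitized(CompetitionsController.new(RAW), "create", :competition)` resolves the private `competition_params` and drops the unlisted `id` key.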
