我知道应该使用"attr_accessible"来允许批量分配保护,这实际上是我在用户模型中所做的。为什么它还在抱怨?
Can't mass-assign protected attributes: email, password
用户控制器:
class UsersController < ApplicationController
def index
@users = User.new
end
def show
@user = User.find(2)
end
def login
@user = Project.new(params[:user])
...
end
end
用户模型:
class User < ActiveRecord::Base
has_and_belongs_to_many :projects
belongs_to :project
belongs_to :ticket
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password
end
视图,_navigation.html.erb:
<%= form_for("user", :url => login_users_path, :html => { :method => :post }) do |f| %>
<%= f.label :email%>
<%= f.text_field(:email, :size => 30, :class => 'login_field', :placeholder => 'Användarnamn')%>
<%= f.label :password%>
<%= f.text_field(:password, :size => 30, :class => 'login_field', :placeholder => 'Lösenord')%>
<%= f.submit "Logga in", :class => 'login_submit btn btn-primary' %>
<% end %>
来自config/routes.rb:
resources :users do
post :login, on: :collection, as: :login
end
因为我正在使用上面的集合,所以(据我所知)它应该是我正在使用的正确控件/模型(用户)吗?
我认为应该是User而不是Project
def login
@user = User.new(params[:user])
...
end
您还应该将索引操作更改为:
def index
@users = Users.all
end
并向显示操作
def show
@user = User.find(params[:id])
end