Ruby on Rails:发现不允许的参数:_method,authenticity_token
Ruby on Rails: found unpermitted parameters: _method, authenticity_token
我使用 this guide 作为从头创建消息系统的起点。
一切正常。但出于某种原因,每当我现在尝试通过在我的视图中单击以下内容来创建新对话时 link
<%= link_to 'Message me', conversations_path(sender_id: current_user.id, recipient_id: @user.id), class: 'btn btn-primary', method: :post %>
我遇到错误:
found unpermitted parameters: _method, authenticity_token
参数如下:
{"_method"=>"post", "authenticity_token"=>"BL2XeA6BSjYliU2/rbdZiSnOj1N5/VMRhRIgN8LEXYPyWfxyiBM1SjYPofq7qO4+aqMhgojvnYyDyeLTcerrSQ==", "recipient_id"=>"1", "sender_id"=>"30", "controller"=>"conversations", "action"=>"create"}
我被定向到控制器中的 params.permit 行:
class ConversationsController < ApplicationController
before_action :authenticate_user!
# GET /conversations
# GET /conversations.json
def index
@users = User.all
# Restrict to conversations with at least one message and sort by last updated
@conversations = Conversation.joins(:messages).uniq.order('updated_at DESC')
end
# POST /conversations
# POST /conversations.json
def create
if Conversation.between(params[:sender_id], params[:recipient_id]).present?
@conversation = Conversation.between(params[:sender_id], params[:recipient_id]).first
else
@conversation = Conversation.create!(conversation_params)
end
redirect_to conversation_messages_path(@conversation)
end
private
# Use callbacks to share common setup or constraints between actions.
def conversation_params
params.permit(:sender_id, :recipient_id)
end
end
奇怪,我以前没有这个问题,我也没有做任何修改。可能是什么问题?
您的参数可能应该这样定义:
def conversation_params
params.require(:conversation).permit(:sender_id, :recipient_id)
end
这应该确保表单自动生成的其他隐藏参数不会被阻止。
我使用 this guide 作为从头创建消息系统的起点。
一切正常。但出于某种原因,每当我现在尝试通过在我的视图中单击以下内容来创建新对话时 link
<%= link_to 'Message me', conversations_path(sender_id: current_user.id, recipient_id: @user.id), class: 'btn btn-primary', method: :post %>
我遇到错误:
found unpermitted parameters: _method, authenticity_token
参数如下:
{"_method"=>"post", "authenticity_token"=>"BL2XeA6BSjYliU2/rbdZiSnOj1N5/VMRhRIgN8LEXYPyWfxyiBM1SjYPofq7qO4+aqMhgojvnYyDyeLTcerrSQ==", "recipient_id"=>"1", "sender_id"=>"30", "controller"=>"conversations", "action"=>"create"}
我被定向到控制器中的 params.permit 行:
class ConversationsController < ApplicationController
before_action :authenticate_user!
# GET /conversations
# GET /conversations.json
def index
@users = User.all
# Restrict to conversations with at least one message and sort by last updated
@conversations = Conversation.joins(:messages).uniq.order('updated_at DESC')
end
# POST /conversations
# POST /conversations.json
def create
if Conversation.between(params[:sender_id], params[:recipient_id]).present?
@conversation = Conversation.between(params[:sender_id], params[:recipient_id]).first
else
@conversation = Conversation.create!(conversation_params)
end
redirect_to conversation_messages_path(@conversation)
end
private
# Use callbacks to share common setup or constraints between actions.
def conversation_params
params.permit(:sender_id, :recipient_id)
end
end
奇怪,我以前没有这个问题,我也没有做任何修改。可能是什么问题?
您的参数可能应该这样定义:
def conversation_params
params.require(:conversation).permit(:sender_id, :recipient_id)
end
这应该确保表单自动生成的其他隐藏参数不会被阻止。