简单形式不保存嵌套属性
Simple form not saving nested attribute
我有一个用户模型。使用设计。当我创建用户时我想通过嵌套形式创建一个场所。
我换成了simple_form。
我确信这是一个简单的错误并且我错过了一些东西
我在场地上收到未经许可的参数,这让我抓狂,请帮忙
型号
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :masqueradable, :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable, :omniauthable
has_one_attached :avatar
has_person_name
has_many :venues, inverse_of: :user
accepts_nested_attributes_for :venues
end
class Venue < ApplicationRecord
belongs_to :user
end
控制器
class ApplicationController < ActionController::Base
include Pundit
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
before_action :masquerade_user!
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name, venue_attributes: [:name, :id]])
devise_parameter_sanitizer.permit(:account_update, keys: [:name, :avatar])
end
end
class Users::RegistrationsController < Devise::RegistrationsController
# before_action :configure_sign_up_params, only: [:create]
# before_action :configure_account_update_params, only: [:update]
# GET /resource/sign_up
def new
@user = User.new
@user.venues.build
end
class VenuesController < ApplicationController
before_action :set_venue, only: %i[ show edit update destroy ]
# GET /venues or /venues.json
def index
@venues = Venue.all
end
# GET /venues/1 or /venues/1.json
def show
end
# GET /venues/new
def new
@venue = Venue.new
end
# GET /venues/1/edit
def edit
end
# POST /venues or /venues.json
def create
@venue = Venue.new(venue_params)
respond_to do |format|
if @venue.save
format.html { redirect_to @venue, notice: "Venue was successfully created." }
format.json { render :show, status: :created, location: @venue }
else
format.html { render :new, status: :unprocessable_entity }
format.json { render json: @venue.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /venues/1 or /venues/1.json
def update
respond_to do |format|
if @venue.update(venue_params)
format.html { redirect_to @venue, notice: "Venue was successfully updated." }
format.json { render :show, status: :ok, location: @venue }
else
format.html { render :edit, status: :unprocessable_entity }
format.json { render json: @venue.errors, status: :unprocessable_entity }
end
end
end
# DELETE /venues/1 or /venues/1.json
def destroy
@venue.destroy
respond_to do |format|
format.html { redirect_to venues_url, notice: "Venue was successfully destroyed." }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_venue
@venue = Venue.find(params[:id])
end
# Only allow a list of trusted parameters through.
def venue_params
params.require(:venue).permit(:name)
end
end
我得到的错误是
于 2021 年 8 月 5 日开始 POST ::1 的“/用户”09:02:08 +1000
通过 Devise::RegistrationsController#create as TURBO_STREAM 处理
参数:{"authenticity_token"=>"[FILTERED]", "user"=>{"name"=>"test test", "email"=>"test@test.com", " venue"=>{"name"=>"test"}, "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up “}
不允许的参数::venue
<%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<div class="mb-3">
<%= f.input :name, autofocus: false, class: 'form-control', placeholder: "Full name" %>
</div>
<div class="mb-3">
<%= f.input :email, autofocus: false, class: 'form-control', placeholder: "Email Address" %>
</div>
<%= f.simple_fields_for :venue do |v| %>
<div class="mb-3">
<%= v.input :name, autofocus: false, class: 'form-control', placeholder: "Full name" %>
</div>
<% end %>
<div class="mb-3">
<%= f.input :password, autocomplete: "off", class: 'form-control', placeholder: 'Password' %>
</div>
<div class="mb-3">
<%= f.input :password_confirmation, autocomplete: "off", class: 'form-control', placeholder: 'Confirm Password' %>
</div>
<div class="mb-3 d-grid">
<%= f.button :submit, "Sign up" %>
</div>
<% end %>
<div class="text-center">
<%= render "devise/shared/links" %>
这是一个简单的复数错误。您的模型 has_many :venues 和 accepts_nested_attributes_for :venues 因此您需要在表单中使用复数形式 :venues:
<%= f.simple_fields_for :venues do |v| %>
<div class="mb-3">
<%= v.label :name %>
<%= v.input :name, autofocus: false, class: 'form-control' %>
</div>
<% end %>
你需要加入白名单venues_attributes:
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name, venues_attributes: [:name, :id]])
devise_parameter_sanitizer.permit(:account_update, keys: [:name, :avatar])
end
我有一个用户模型。使用设计。当我创建用户时我想通过嵌套形式创建一个场所。
我换成了simple_form。
我确信这是一个简单的错误并且我错过了一些东西
我在场地上收到未经许可的参数,这让我抓狂,请帮忙
型号
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :masqueradable, :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable, :omniauthable
has_one_attached :avatar
has_person_name
has_many :venues, inverse_of: :user
accepts_nested_attributes_for :venues
end
class Venue < ApplicationRecord
belongs_to :user
end
控制器
class ApplicationController < ActionController::Base
include Pundit
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
before_action :masquerade_user!
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name, venue_attributes: [:name, :id]])
devise_parameter_sanitizer.permit(:account_update, keys: [:name, :avatar])
end
end
class Users::RegistrationsController < Devise::RegistrationsController
# before_action :configure_sign_up_params, only: [:create]
# before_action :configure_account_update_params, only: [:update]
# GET /resource/sign_up
def new
@user = User.new
@user.venues.build
end
class VenuesController < ApplicationController
before_action :set_venue, only: %i[ show edit update destroy ]
# GET /venues or /venues.json
def index
@venues = Venue.all
end
# GET /venues/1 or /venues/1.json
def show
end
# GET /venues/new
def new
@venue = Venue.new
end
# GET /venues/1/edit
def edit
end
# POST /venues or /venues.json
def create
@venue = Venue.new(venue_params)
respond_to do |format|
if @venue.save
format.html { redirect_to @venue, notice: "Venue was successfully created." }
format.json { render :show, status: :created, location: @venue }
else
format.html { render :new, status: :unprocessable_entity }
format.json { render json: @venue.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /venues/1 or /venues/1.json
def update
respond_to do |format|
if @venue.update(venue_params)
format.html { redirect_to @venue, notice: "Venue was successfully updated." }
format.json { render :show, status: :ok, location: @venue }
else
format.html { render :edit, status: :unprocessable_entity }
format.json { render json: @venue.errors, status: :unprocessable_entity }
end
end
end
# DELETE /venues/1 or /venues/1.json
def destroy
@venue.destroy
respond_to do |format|
format.html { redirect_to venues_url, notice: "Venue was successfully destroyed." }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_venue
@venue = Venue.find(params[:id])
end
# Only allow a list of trusted parameters through.
def venue_params
params.require(:venue).permit(:name)
end
end
我得到的错误是
于 2021 年 8 月 5 日开始 POST ::1 的“/用户”09:02:08 +1000 通过 Devise::RegistrationsController#create as TURBO_STREAM 处理 参数:{"authenticity_token"=>"[FILTERED]", "user"=>{"name"=>"test test", "email"=>"test@test.com", " venue"=>{"name"=>"test"}, "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up “} 不允许的参数::venue
<%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<div class="mb-3">
<%= f.input :name, autofocus: false, class: 'form-control', placeholder: "Full name" %>
</div>
<div class="mb-3">
<%= f.input :email, autofocus: false, class: 'form-control', placeholder: "Email Address" %>
</div>
<%= f.simple_fields_for :venue do |v| %>
<div class="mb-3">
<%= v.input :name, autofocus: false, class: 'form-control', placeholder: "Full name" %>
</div>
<% end %>
<div class="mb-3">
<%= f.input :password, autocomplete: "off", class: 'form-control', placeholder: 'Password' %>
</div>
<div class="mb-3">
<%= f.input :password_confirmation, autocomplete: "off", class: 'form-control', placeholder: 'Confirm Password' %>
</div>
<div class="mb-3 d-grid">
<%= f.button :submit, "Sign up" %>
</div>
<% end %>
<div class="text-center">
<%= render "devise/shared/links" %>
这是一个简单的复数错误。您的模型 has_many :venues 和 accepts_nested_attributes_for :venues 因此您需要在表单中使用复数形式 :venues:
<%= f.simple_fields_for :venues do |v| %>
<div class="mb-3">
<%= v.label :name %>
<%= v.input :name, autofocus: false, class: 'form-control' %>
</div>
<% end %>
你需要加入白名单venues_attributes:
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name, venues_attributes: [:name, :id]])
devise_parameter_sanitizer.permit(:account_update, keys: [:name, :avatar])
end