Rails 4 个具有多个对象和整数键的强参数
Rails 4 Strong Params with multiple objects and integer keys
我一次提交包含 2-4 个对象的表单,具体取决于父对象的数量。我意识到这可能是非常规的,但我真的希望用户能够在一个表单上同时编辑所有对象。在我的表格上,我正在做:
<%= simple_fields_for "derps[]", derp do |f| %>
<% end %>
然后我在控制器中这样做:
def update
@derps = []
@rejects = []
derps_params.each do |key, hash|
derp = Derp.find(key)
derp.assign_attributes(hash)
@rejects << derp unless derp.save
end
if @rejects.empty?
redirect_to @parent, flash: {success: 'Derps were successfully updated.'}
else
@derps = @rejects
render :edit
end
end
假设有两个对象 - 参数如下:
"derps"=>{"1"=>{"attribute"=>"39", "another_attribute"=>"serp", "a_third_attribute"=>"yerp"}, "2"=>{"attribute"=>"30", "another_attribute"=>"49", }}
我在没有强参数的情况下在 Rails 3 中工作。我正在升级到 rails 4,我正在为如何让它工作而苦苦挣扎 - 我一直在 "Unpermitted parameters: 1, 2"
我假设我需要做类似的事情:
def mashes_params
params.require(:derps).permit(
id: []
或
def mashes_params
params.require(:derps).permit(
:id,
按照这些思路,但我已经尝试了所有我能想到的方法,但运气不佳。
有什么想法吗?
我发现命令行对于调试 Rails 中的强参数非常有帮助。这是我在控制台中测试您的问题的方法:
rails c # From within your project directory, short for 'rails console'
params = ActionController::Parameters.new( { derps: { 1 => { attribute: 39, another_attribute: "serp" }, 2 => { attribute: 30, another_attribute: 49 } } } )
params # To make sure that the object looks the same
permitted = params.require( :derps ).permit( 1 => [ :attribute, :another_attribute ], 2 => [ :attribute, :another_attribute ] )
permitted # To see what you'd get back in your controller
希望使用此工具,您将能够比反复试验更容易地调试我的答案未提供的任何内容。
最终编辑(希望如此):
不得不从头开始重新考虑这个问题。我得出结论:既然 :id 用作通配符,但不允许作为哈希的键,为什么不总是将键设置为 1-4,这样我就可以明确地将它们列入白名单,然后从键中获取 ID-散列中的值,很像传统形式的嵌套吗?这就是我最终解决它的方式。这是我正在使用的最终实现:
<% i = @parent.derps.index(derp) + 1 %>
<%= simple_fields_for "derps[#{i}]", derp do |f| %>
<%= f.hidden_field :id, value: derp.id %>
<%= render "rest_of_the_fields" %>
<% end %>
然后在控制器中:
def update
@derps = []
@rejects = []
derp_params.each do |key, hash|
derp = Derp.find(hash.delete("id"))
derp.assign_attributes(hash)
@rejects << derp unless derp.save
end
if @rejects.empty?
redirect_to @parent, flash: {success: "Derps updated successfully."}
else
@derps = @rejects
render :edit
end
end
然后是强参数:
def derp_params
p = [:id, :attribute_1, :another_attribute, ...]
params.require(:derps).permit(
"1" => p, "2" => p, "3" => p, "4" => p
)
end
呸。希望这对某人有所帮助。
我见过的绝对最佳解决方案是 here:
def product_params
properties_keys = params[:product].try(:fetch, :properties, {}).keys
params.require(:product).permit(:title, :description, properties: properties_keys)
end
由于我的 property_keys 有更多嵌套的键和值,我又做了一项更改以遍历未命名的键:
response_keys = params[:survey][:responses].try(:fetch, :properties, {}).keys
params.require(:survey).permit(responses: response_keys.map {|rk| [rk => [:question_id, :answer_id, :value]]})
这是我目前使用的方法。您可以像这样一一允许每个嵌套参数:
params = ActionController::Parameters.new(
"derps" => {
"1" => {
"attribute" => "39",
"another_attribute" => "serp",
"a_third_attribute" => "yerp"
},
"2" => {
"attribute" => "30",
"another_attribute" => "49"
}
}
)
# => <ActionController::Parameters {"derps"=>{"1"=>{"attribute"=>"39", "another_attribute"=>"serp", "a_third_attribute"=>"yerp"}, "2"=>{"attribute"=>"30", "another_attribute"=>"49"}}} permitted: false>
params.fetch(:derps).map do |i, attrs|
[
i,
ActionController::Parameters.new(attrs).permit(
:attribute,
:another_attribute,
:a_third_attribute,
)
]
end.to_h.with_indifferent_access
#=> {"1"=><ActionController::Parameters {"attribute"=>"39", "another_attribute"=>"serp", "a_third_attribute"=>"yerp"} permitted: true>, "2"=><ActionController::Parameters {"attribute"=>"30", "another_attribute"=>"49"} permitted: true>}
这是一种基于 Greg Blass
上述回答的肮脏方法
这可以处理无限数量的带有嵌套参数的索引
def foo_bar_params
num_keys = params[:foo_bars].keys.size
the_params = [:id, :attr1, :attr2, :another]
permit_hash = {}
i = 0
while i < num_entries
permit_hash[i.to_s] = the_params
i += 1
end
params.require(:foo_bars).permit(permit_hash)
end
我敢肯定有一种更好的方法可以做到这一点,但这种方法是可读的,我可以很容易地分辨出发生了什么......最重要的是它有效
我一次提交包含 2-4 个对象的表单,具体取决于父对象的数量。我意识到这可能是非常规的,但我真的希望用户能够在一个表单上同时编辑所有对象。在我的表格上,我正在做:
<%= simple_fields_for "derps[]", derp do |f| %>
<% end %>
然后我在控制器中这样做:
def update
@derps = []
@rejects = []
derps_params.each do |key, hash|
derp = Derp.find(key)
derp.assign_attributes(hash)
@rejects << derp unless derp.save
end
if @rejects.empty?
redirect_to @parent, flash: {success: 'Derps were successfully updated.'}
else
@derps = @rejects
render :edit
end
end
假设有两个对象 - 参数如下:
"derps"=>{"1"=>{"attribute"=>"39", "another_attribute"=>"serp", "a_third_attribute"=>"yerp"}, "2"=>{"attribute"=>"30", "another_attribute"=>"49", }}
我在没有强参数的情况下在 Rails 3 中工作。我正在升级到 rails 4,我正在为如何让它工作而苦苦挣扎 - 我一直在 "Unpermitted parameters: 1, 2"
我假设我需要做类似的事情:
def mashes_params
params.require(:derps).permit(
id: []
或
def mashes_params
params.require(:derps).permit(
:id,
按照这些思路,但我已经尝试了所有我能想到的方法,但运气不佳。
有什么想法吗?
我发现命令行对于调试 Rails 中的强参数非常有帮助。这是我在控制台中测试您的问题的方法:
rails c # From within your project directory, short for 'rails console'
params = ActionController::Parameters.new( { derps: { 1 => { attribute: 39, another_attribute: "serp" }, 2 => { attribute: 30, another_attribute: 49 } } } )
params # To make sure that the object looks the same
permitted = params.require( :derps ).permit( 1 => [ :attribute, :another_attribute ], 2 => [ :attribute, :another_attribute ] )
permitted # To see what you'd get back in your controller
希望使用此工具,您将能够比反复试验更容易地调试我的答案未提供的任何内容。
最终编辑(希望如此):
不得不从头开始重新考虑这个问题。我得出结论:既然 :id 用作通配符,但不允许作为哈希的键,为什么不总是将键设置为 1-4,这样我就可以明确地将它们列入白名单,然后从键中获取 ID-散列中的值,很像传统形式的嵌套吗?这就是我最终解决它的方式。这是我正在使用的最终实现:
<% i = @parent.derps.index(derp) + 1 %>
<%= simple_fields_for "derps[#{i}]", derp do |f| %>
<%= f.hidden_field :id, value: derp.id %>
<%= render "rest_of_the_fields" %>
<% end %>
然后在控制器中:
def update
@derps = []
@rejects = []
derp_params.each do |key, hash|
derp = Derp.find(hash.delete("id"))
derp.assign_attributes(hash)
@rejects << derp unless derp.save
end
if @rejects.empty?
redirect_to @parent, flash: {success: "Derps updated successfully."}
else
@derps = @rejects
render :edit
end
end
然后是强参数:
def derp_params
p = [:id, :attribute_1, :another_attribute, ...]
params.require(:derps).permit(
"1" => p, "2" => p, "3" => p, "4" => p
)
end
呸。希望这对某人有所帮助。
我见过的绝对最佳解决方案是 here:
def product_params
properties_keys = params[:product].try(:fetch, :properties, {}).keys
params.require(:product).permit(:title, :description, properties: properties_keys)
end
由于我的 property_keys 有更多嵌套的键和值,我又做了一项更改以遍历未命名的键:
response_keys = params[:survey][:responses].try(:fetch, :properties, {}).keys
params.require(:survey).permit(responses: response_keys.map {|rk| [rk => [:question_id, :answer_id, :value]]})
这是我目前使用的方法。您可以像这样一一允许每个嵌套参数:
params = ActionController::Parameters.new(
"derps" => {
"1" => {
"attribute" => "39",
"another_attribute" => "serp",
"a_third_attribute" => "yerp"
},
"2" => {
"attribute" => "30",
"another_attribute" => "49"
}
}
)
# => <ActionController::Parameters {"derps"=>{"1"=>{"attribute"=>"39", "another_attribute"=>"serp", "a_third_attribute"=>"yerp"}, "2"=>{"attribute"=>"30", "another_attribute"=>"49"}}} permitted: false>
params.fetch(:derps).map do |i, attrs|
[
i,
ActionController::Parameters.new(attrs).permit(
:attribute,
:another_attribute,
:a_third_attribute,
)
]
end.to_h.with_indifferent_access
#=> {"1"=><ActionController::Parameters {"attribute"=>"39", "another_attribute"=>"serp", "a_third_attribute"=>"yerp"} permitted: true>, "2"=><ActionController::Parameters {"attribute"=>"30", "another_attribute"=>"49"} permitted: true>}
这是一种基于 Greg Blass
上述回答的肮脏方法这可以处理无限数量的带有嵌套参数的索引
def foo_bar_params
num_keys = params[:foo_bars].keys.size
the_params = [:id, :attr1, :attr2, :another]
permit_hash = {}
i = 0
while i < num_entries
permit_hash[i.to_s] = the_params
i += 1
end
params.require(:foo_bars).permit(permit_hash)
end
我敢肯定有一种更好的方法可以做到这一点,但这种方法是可读的,我可以很容易地分辨出发生了什么......最重要的是它有效