Rails 4中动态表单的不允许的参数 [英] Unpermitted parameters for Dynamic Forms in Rails 4

问题描述

我是Rails的新手，并以此为基础构建了一些东西

I'm new to Rails and built something based on this

http://railscasts.com/episodes/403-dynamic-forms

但是我在其他字段中存储数据时遇到了问题... 我有一个具有许多ProductField对象的ProductType对象. ProductField对象也属于ProductType，而Product对象属于ProductType.

but I have a problem with storing data in the additional fields... I have a ProductType object that has many ProductField objects. The ProductField object also belongs to a ProductType and Product object belongs to a ProductType.

因此，可以通过构造函数ProductType轻松添加新的动态字段，但是当我尝试通过Product控制器在此字段中设置数据时，没有任何反应.

So,new dynamic fields can easily be added via the constructor ProductType, but when I try to set data in this fields via Product controller nothing happens.

我确定问题与使用强参数有关，但已解决此处没有帮助.

I am sure that problem is related to use strong parameters, but fix described here and here did't help.

product.rb

class Product < ActiveRecord::Base
    belongs_to :product_type
    serialize :properties, Hash
end

product_type.rb

class ProductType < ActiveRecord::Base
    has_many :fields, class_name: "ProductField"
    accepts_nested_attributes_for :fields, allow_destroy: true
end

product_field.rb

class ProductField < ActiveRecord::Base
    belongs_to :product_type
end

products_controller.rb

class ProductsController < ApplicationController
    def new
    @product = Product.new(product_type_id: params[:product_type_id])
    end
    def product_params
    params.require(:product).permit(:name, :price, :product_type_id, {:properties => []})
    end

product_type_controller.rb

class ProductTypesController < ApplicationController
    def product_type_params
    params.require(:product_type).permit(:name, fields_attributes: [:id, :name, :field_type, :required, :product_type_id])
    end

在控制台日志中: 不允许的参数:属性

In console log: Unpermitted parameters: properties

Started PATCH "/products/4" for 127.0.0.1 at 2013-10-04 22:54:59 +0400
Processing by ProductsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"my3ra60OUXexmmguk2eqRetizx3tWPMq04Z2PnODJMQ=", "product"=>{"product_type_id"=>"1", "name"=>"Product1", "properties"=>{"gjfghjf"=>"123", "123"=>[""]}, "price"=>"10"}, "commit"=>"Update Product", "id"=>"4"}
Product Load (0.3ms)  SELECT "products".* FROM "products" WHERE "products"."id" = ? LIMIT 1  [["id", "4"]]
Unpermitted parameters: properties

P.S:也许有人在观看播客时遇到类似的问题?

P.S: maybe someone faced a similar problem when watching a podcast?

推荐答案

如果要返回嵌套哈希作为参数，则必须在permit中命名数组中的键.

If you want to return a nested hash as a parameter you have to name the keys in the array in permit.

class ProductsController < ApplicationController
def new
@product = Product.new(product_type_id: params[:product_type_id])
end
def product_params
params.require(:product).permit(:name, :price, :product_type_id, {:properties => [:foo, :bar, :id]})
end

如果要动态生成密钥，并且无法将其编码为permit语句，则需要使用以下样式:

If you are generating the keys dynamically and can't code them into the permit statement then you need to use this style:

def product_params
  params.require(:product).permit(:name, :price, :product_type_id).tap do |whitelisted|
    whitelisted[:properties] = params[:product][:properties]
  end
end

对于新用户来说，这不是最友好的代码，我刚刚在UW完成了3门Rails证书，而他们甚至都没有涉及.tap.

It's not the most friendly code for a new user, I just finished the 3 course rails certificate at UW and they never even covered .tap.

这不是我的工作，我仍然只是像这样理解.permit的更深部分.这是我使用的博客条目:示例的强大参数

This is not my work, I'm still just understanding the deeper parts of .permit like this. This is the blog entry I used: Strong Parameters by Example

这篇关于Rails 4中动态表单的不允许的参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！