Ruby on Rails:找到不允许的参数:_method，authenticity_token [英] Ruby on Rails: found unpermitted parameters: _method, authenticity_token

问题描述

我使用了本指南作为从头开始创建消息传递系统的起点.

I used this guide as a starting point for creating a messaging system from scratch.

一切正常.但是由于某些原因，每当我现在尝试通过在视图中单击以下链接来创建新对话时

Everything worked fine. But for some reason, whenever I now try to create a new conversation by clicking in my view the following link

<%= link_to 'Message me', conversations_path(sender_id: current_user.id, recipient_id: @user.id), class: 'btn btn-primary', method: :post %>

我遇到错误:

found unpermitted parameters: _method, authenticity_token

以下是参数:

{"_method"=>"post", "authenticity_token"=>"BL2XeA6BSjYliU2/rbdZiSnOj1N5/VMRhRIgN8LEXYPyWfxyiBM1SjYPofq7qO4+aqMhgojvnYyDyeLTcerrSQ==", "recipient_id"=>"1", "sender_id"=>"30", "controller"=>"conversations", "action"=>"create"}

我被定向到控制器中的params.permit行:

I am directed to the params.permit line in my controller:

class ConversationsController < ApplicationController
  before_action :authenticate_user!

  # GET /conversations
  # GET /conversations.json
  def index
    @users = User.all

    # Restrict to conversations with at least one message and sort by last updated
    @conversations = Conversation.joins(:messages).uniq.order('updated_at DESC')
  end

  # POST /conversations
  # POST /conversations.json
  def create
    if Conversation.between(params[:sender_id], params[:recipient_id]).present?
      @conversation = Conversation.between(params[:sender_id], params[:recipient_id]).first
    else
      @conversation = Conversation.create!(conversation_params)
    end

    redirect_to conversation_messages_path(@conversation)
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def conversation_params
      params.permit(:sender_id, :recipient_id)
    end
end

奇怪的是，我之前没有这个问题，也没有进行任何更改.可能是什么问题?

Strangely, I did not have this issue before, and I have not made any changes. What might the issue be?

推荐答案

您的参数可能应该这样定义:

Your params should probably be defined like this:

def conversation_params
  params.require(:conversation).permit(:sender_id, :recipient_id)
end

这应该确保不会阻止由表单自动生成的其他隐藏参数.

This should make sure that the other hidden parameters that are generated by the form automatically are not being blocked.

这篇关于Ruby on Rails:找到不允许的参数:_method，authenticity_token的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！