Ruby on Rails:找到不允许的参数:_method,authenticity_token [英] Ruby on Rails: found unpermitted parameters: _method, authenticity_token
问题描述
我使用了本指南作为从头开始创建消息传递系统的起点.
I used this guide as a starting point for creating a messaging system from scratch.
一切正常.但是由于某些原因,每当我现在尝试通过在视图中单击以下链接来创建新对话时
Everything worked fine. But for some reason, whenever I now try to create a new conversation by clicking in my view the following link
<%= link_to 'Message me', conversations_path(sender_id: current_user.id, recipient_id: @user.id), class: 'btn btn-primary', method: :post %>
我遇到错误:
found unpermitted parameters: _method, authenticity_token
以下是参数:
{"_method"=>"post", "authenticity_token"=>"BL2XeA6BSjYliU2/rbdZiSnOj1N5/VMRhRIgN8LEXYPyWfxyiBM1SjYPofq7qO4+aqMhgojvnYyDyeLTcerrSQ==", "recipient_id"=>"1", "sender_id"=>"30", "controller"=>"conversations", "action"=>"create"}
我被定向到控制器中的params.permit
行:
I am directed to the params.permit
line in my controller:
class ConversationsController < ApplicationController
before_action :authenticate_user!
# GET /conversations
# GET /conversations.json
def index
@users = User.all
# Restrict to conversations with at least one message and sort by last updated
@conversations = Conversation.joins(:messages).uniq.order('updated_at DESC')
end
# POST /conversations
# POST /conversations.json
def create
if Conversation.between(params[:sender_id], params[:recipient_id]).present?
@conversation = Conversation.between(params[:sender_id], params[:recipient_id]).first
else
@conversation = Conversation.create!(conversation_params)
end
redirect_to conversation_messages_path(@conversation)
end
private
# Use callbacks to share common setup or constraints between actions.
def conversation_params
params.permit(:sender_id, :recipient_id)
end
end
奇怪的是,我之前没有这个问题,也没有进行任何更改.可能是什么问题?
Strangely, I did not have this issue before, and I have not made any changes. What might the issue be?
推荐答案
您的参数可能应该这样定义:
Your params should probably be defined like this:
def conversation_params
params.require(:conversation).permit(:sender_id, :recipient_id)
end
这应该确保不会阻止由表单自动生成的其他隐藏参数.
This should make sure that the other hidden parameters that are generated by the form automatically are not being blocked.
这篇关于Ruby on Rails:找到不允许的参数:_method,authenticity_token的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!