Rails 4 中动态表单的不允许的参数 [英] Unpermitted parameters for Dynamic Forms in Rails 4

问题描述

我是 Rails 的新手，并基于此构建了一些东西

I'm new to Rails and built something based on this

http://railscasts.com/episodes/403-dynamic-forms

但是我在附加字段中存储数据时遇到问题...我有一个 ProductType 对象，它有许多 ProductField 对象.ProductField 对象也属于 ProductType，而 Product 对象属于 ProductType.

but I have a problem with storing data in the additional fields... I have a ProductType object that has many ProductField objects. The ProductField object also belongs to a ProductType and Product object belongs to a ProductType.

因此，可以通过构造函数 ProductType 轻松添加新的动态字段，但是当我尝试通过 Product 控制器在此字段中设置数据时，什么也没有发生.

So,new dynamic fields can easily be added via the constructor ProductType, but when I try to set data in this fields via Product controller nothing happens.

我确定问题与使用强参数有关，但修复了描述的此处 和 此处 没有帮助.

I am sure that problem is related to use strong parameters, but fix described here and here did't help.

product.rb

class Product < ActiveRecord::Base
    belongs_to :product_type
    serialize :properties, Hash
end

product_type.rb

class ProductType < ActiveRecord::Base
    has_many :fields, class_name: "ProductField"
    accepts_nested_attributes_for :fields, allow_destroy: true
end

product_field.rb

class ProductField < ActiveRecord::Base
    belongs_to :product_type
end

products_controller.rb

class ProductsController < ApplicationController
    def new
    @product = Product.new(product_type_id: params[:product_type_id])
    end
    def product_params
    params.require(:product).permit(:name, :price, :product_type_id, {:properties => []})
    end

product_type_controller.rb

class ProductTypesController < ApplicationController
    def product_type_params
    params.require(:product_type).permit(:name, fields_attributes: [:id, :name, :field_type, :required, :product_type_id])
    end

在控制台日志中:不允许的参数:属性

In console log: Unpermitted parameters: properties

Started PATCH "/products/4" for 127.0.0.1 at 2013-10-04 22:54:59 +0400
Processing by ProductsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"my3ra60OUXexmmguk2eqRetizx3tWPMq04Z2PnODJMQ=", "product"=>{"product_type_id"=>"1", "name"=>"Product1", "properties"=>{"gjfghjf"=>"123", "123"=>[""]}, "price"=>"10"}, "commit"=>"Update Product", "id"=>"4"}
Product Load (0.3ms)  SELECT "products".* FROM "products" WHERE "products"."id" = ? LIMIT 1  [["id", "4"]]
Unpermitted parameters: properties

P.S:也许有人在观看播客时遇到过类似的问题?

P.S: maybe someone faced a similar problem when watching a podcast?

推荐答案

如果你想返回一个嵌套的哈希作为参数，你必须在 permit 中命名数组中的键.

If you want to return a nested hash as a parameter you have to name the keys in the array in permit.

class ProductsController < ApplicationController
def new
@product = Product.new(product_type_id: params[:product_type_id])
end
def product_params
params.require(:product).permit(:name, :price, :product_type_id, {:properties => [:foo, :bar, :id]})
end

如果您动态生成密钥并且无法将它们编码到permit 语句中，那么您需要使用这种样式:

If you are generating the keys dynamically and can't code them into the permit statement then you need to use this style:

def product_params
  params.require(:product).permit(:name, :price, :product_type_id).tap do |whitelisted|
    whitelisted[:properties] = params[:product][:properties]
  end
end

这对新用户来说不是最友好的代码，我刚刚在 UW 完成了 3 门课程的 rails 证书，他们甚至从未涵盖 .tap.

It's not the most friendly code for a new user, I just finished the 3 course rails certificate at UW and they never even covered .tap.

这不是我的工作，我仍然只是像这样理解 .permit 的更深层部分.这是我使用的博客条目:Strong Parameters by Example

This is not my work, I'm still just understanding the deeper parts of .permit like this. This is the blog entry I used: Strong Parameters by Example

这篇关于Rails 4 中动态表单的不允许的参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！