1

User model与一个有has_one :image关系Image model。我希望每个用户都有一张照片,但我希望将照片存储在与用户模型分开的模型中,即图像模型。我正在使用回形针来帮助添加图像。但是,当我尝试通过视图创建新用户时,出现以下错误:

ActiveModel::MassAssignmentSecurity::Error in UsersController#create
Can't mass-assign protected attributes: image_attributes

我没有 image_attributes 变量。为什么会这样?我的实施有缺陷吗?我想要一个单独的表格来保存图像,因为将来我希望用户有很多图像。

<% provide(:title, 'Sign up') %>
<h1>Sign up</h1>

<%= form_for @user do |f| %>

<%= render 'shared/error_messages' %>

      <%= f.label :first_name %>
      <%= f.text_field :first_name %>
<br>
      <%= f.label :last_name %>
      <%= f.text_field :last_name %>
<br>
      <%= f.label :email %>
      <%= f.text_field :email %>
<br>

<%= f.fields_for :image, :html => {:multipart => true} do |asset| %>
      <%= asset.label :photo %>
      <%= asset.file_field :photo %>
  <% end %>


<br>
      <%= f.label :password %>
      <%= f.password_field :password %>
<br>
      <%= f.label :password_confirmation, "Confirmation" %>
      <%= f.password_field :password_confirmation %>
<br>
      <%= f.submit "Create my account"%>
    <% end %>

用户控制器

  class UsersController < ApplicationController

  #calls method signed_in_users.
  before_filter :signed_in_user, only: [:index, :edit, :update, :show]
  #ensures only the correct user can modify their own data
  before_filter :correct_user,   only: [:edit, :update]


  def new
    @user = User.new
    #@user.image.build
    @user.build_image

  end

  def show # personal profile page

    #Method to make sure only the signed in user can edit their information
    if User.id_equals_cookie(params[:id], cookies[:remember_token])
      @user = User.find(params[:id])
    else
      redirect_to root_url
    end
  end

  def create
    @user = User.new(params[:user])
    if @user.save
      sign_in @user #method defined in sessions_helper
      flash[:notice] = "Thank you for signing up." #the view template must be configured to be seen.
      redirect_to @user #does user_path work???
    else
      render 'new' #flash[:warning]
    end
  end

  def edit
  end

  def update
    @user = User.find(params[:id])
    if @user.update_attributes(params[:user])
      flash[:success] = "Profile updated"
      sign_in @user
      redirect_to @user
    else
      render 'edit'
    end
  end

  def index

  end


  private

  #should this be in the users_helper.rb file
    def signed_in_user
      redirect_to signin_url, notice: "Please sign in." unless signed_in?
    end

    def correct_user
      @user = User.find(params[:id])
      redirect_to(root_path) unless current_user?(@user) #current_user is defined in the sessions_helper.rb
    end

end

用户模型

# == Schema Information
#
# Table name: users
#
#  id              :integer          not null, primary key
#  email           :string(255)
#  created_at      :datetime         not null
#  updated_at      :datetime         not null
#  password_digest :string(255)
#  remember_token  :string(255)
#  first_name      :string(255)
#  last_name       :string(255)
#  full_name       :string(255)
#  birthdate       :date
#

class User < ActiveRecord::Base
  has_one :image, :dependent => :destroy #images?
  accepts_nested_attributes_for :image #images?
  attr_accessible :email, :first_name, :last_name, :full_name, :birthdate, :password, :password_confirmation

  #magic to require a password, make sure passwords match, authenticate
  has_secure_password

  before_save { |user| user.email = email.downcase } #help ensure uniqueness
  before_save :create_remember_token

  #validates :name,  presence: true, length: { maximum: 50 }
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {case_sensitive: false}
  validates :password, presence: true, length: { minimum: 6 }
  validates :password_confirmation, presence: true


  def self.id_equals_cookie(id, cookie)
    @user_of_cookie = find_by_remember_token(cookie)
    @user_of_id = find(id)    
    if @user_of_cookie == nil
      false
    elsif @user_of_id == @user_of_cookie
      true
    else
      false
    end
  end

  private

    def create_remember_token
      self.remember_token = SecureRandom.urlsafe_base64
    end
end

图像模型

# == Schema Information
#
# Table name: images
#
#  id                 :integer          not null, primary key
#  created_at         :datetime         not null
#  updated_at         :datetime         not null
#  photo_file_name    :string(255)
#  photo_content_type :string(255)
#  photo_file_size    :integer
#  photo_updated_at   :datetime
#  user_id            :integer
#


require 'paperclip'
class Image < ActiveRecord::Base
  belongs_to :user
  has_attached_file :photo
  attr_accessible :photo, :photo_file_name, :photo_content_type, :photo_file_size, :photo_updated_at

end
4

2 回答 2

1

把它写在你的模型中

attr_accessible :image_attributes
于 2012-09-26T11:20:04.033 回答
0

做就是了attr_accessible :photo_attributes

于 2012-09-26T11:14:51.927 回答