您好我正在一个应用程序中工作,您可以在其中为产品投票,并且从我的投票视图的新操作中我收到此错误:
ActiveModel::MassAssignmentSecurity::VotesController#create 中的错误
无法批量分配受保护的属性:产品、用户
我在 Rails 控制台上进行了测试,它可以工作。所以我不知道这是怎么回事。
以下是模型:
class Product < ActiveRecord::Base
attr_accessible :title
has_many :votes
has_many :users, :through => :votes
has_attached_file :photo, :styles => { :medium => "300x300" }
before_save { |product| product.title = title.titlecase }
validates :title, presence: true, uniqueness: { case_sensitive: false }
validates :photo, :attachment_presence => true
end
class User < ActiveRecord::Base
has_many :votes
has_many :products, :through => :votes
def self.from_omniauth(auth)
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
user.provider = auth.provider
user.uid = auth.uid
user.name = auth.info.name
user.oauth_token = auth.credentials.token
user.oauth_expires_at = Time.at(auth.credentials.expires_at)
user.save!
end
end
end
class Vote < ActiveRecord::Base
attr_accessible :product_id, :user_id
belongs_to :product
belongs_to :user
end
这是投票控制器
class VotesController < ApplicationController
# GET /votes
# GET /votes.json
def index
@votes = Vote.all
respond_to do |format|
format.html # index.html.erb
format.json { render json: @votes }
end
end
# GET /votes/1
# GET /votes/1.json
def show
@vote = Vote.find(params[:id])
respond_to do |format|
format.html # show.html.erb
format.json { render json: @vote }
end
end
# GET /votes/new
# GET /votes/new.json
def new
@vote = Vote.new
respond_to do |format|
format.html # new.html.erb
format.json { render json: @vote }
end
end
# GET /votes/1/edit
def edit
@vote = Vote.find(params[:id])
end
# POST /votes
# POST /votes.json
def create
@vote = Vote.new(params[:vote])
respond_to do |format|
if @vote.save
format.html { redirect_to @vote, notice: 'Vote was successfully created.' }
format.json { render json: @vote, status: :created, location: @vote }
else
format.html { render action: "new" }
format.json { render json: @vote.errors, status: :unprocessable_entity }
end
end
end
# PUT /votes/1
# PUT /votes/1.json
def update
@vote = Vote.find(params[:id])
respond_to do |format|
if @vote.update_attributes(params[:vote])
format.html { redirect_to @vote, notice: 'Vote was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: "edit" }
format.json { render json: @vote.errors, status: :unprocessable_entity }
end
end
end
# DELETE /votes/1
# DELETE /votes/1.json
def destroy
@vote = Vote.find(params[:id])
@vote.destroy
respond_to do |format|
format.html { redirect_to votes_url }
format.json { head :no_content }
end
end
end
这是新的投票视图
<%= form_for(@vote) do |f| %>
<% if @vote.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@vote.errors.count, "error") %> prohibited this vote from being saved:</h2>
<ul>
<% @vote.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :product %><br />
<%= f.text_field :product %>
</div>
<div class="field">
<%= f.label :user %><br />
<%= f.text_field :user %>
</div>
<div class="actions">
<%= f.submit %>
</div>
<% end %>
请我真的需要你的帮助来解决这个问题,很难找到一个 has_many 的教程:通过包含完整的 MVC 示例,我认为我的问题已经出现,但我不知道。
谢谢!