0

我知道您应该使用“attr_accessible”来允许批量分配保护,这实际上就是我在我的用户模型中所做的。怎么还抱怨?

Can't mass-assign protected attributes: email, password

用户控制器:

class UsersController < ApplicationController

  def index
    @users = User.new
  end

  def show
    @user = User.find(2)
  end

  def login
    @user = Project.new(params[:user])
    ...
  end

end

用户模型:

class User < ActiveRecord::Base
  has_and_belongs_to_many :projects
  belongs_to :project
  belongs_to :ticket

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password
end

视图,_navigation.html.erb:

<%= form_for("user", :url => login_users_path, :html => { :method => :post }) do |f| %>
    <%= f.label :email%>
    <%= f.text_field(:email, :size => 30, :class => 'login_field', :placeholder => 'Användarnamn')%>
    <%= f.label :password%>
    <%= f.text_field(:password, :size => 30, :class => 'login_field', :placeholder => 'Lösenord')%>

    <%= f.submit "Logga in", :class => 'login_submit btn btn-primary' %>
<% end %>

来自 config/routes.rb:

resources :users do
  post :login, on: :collection, as: :login
end

因为我正在使用上面的集合,所以它应该(据我所知)是我正在使用的正确控件/模型(用户)?

4

2 回答 2

3

我认为应该User不是Project

   def login
     @user = User.new(params[:user])
     ...
   end
于 2013-02-06T15:18:04.500 回答
2

您还应该将索引操作更改为:

def index
  @users = Users.all
end

并采取行动:

def show
  @user = User.find(params[:id])
end
于 2013-02-06T15:34:20.347 回答