-1

我知道这是一个流行的错误,但我的用户模型中有 class User < ActiveRecord::Base attr_protected :provider, :uid, :name, :email ,但仍然收到此错误。

这是详细信息:

ActiveModel::MassAssignmentSecurity::Error in UsersController#update

Can't mass-assign protected attributes: email
Rails.root: /Users/ewalker/Documents/alift

Application Trace | Framework Trace | Full Trace
app/controllers/users_controller.rb:19:in `update'
Request

Parameters:

{"utf8"=>"✓",
 "_method"=>"put",
 "authenticity_token"=>"F+5itYNqPddn4usVgIJwzG+PSz50Up7mqZs50x3f9Ho=",
 "user"=>{"email"=>"erin@walkersmidas.com"},
 "commit"=>"Sign in",
 "id"=>"1"}

我的用户控制器:

class UsersController < ApplicationController



def show
  @user = User.find(params[:id]) 
end

def index
  @users = User.all
end

def edit
  @user = User.find(params[:id])
end

def update
  @user = User.find(params[:id])
  if @user.update_attributes(params[:user])
    redirect_to @user
  else
    render :edit
  end
end
end

用户型号:

class User < ActiveRecord::Base
attr_protected :provider, :uid, :name, :email

has_many :posts, dependent: :destroy

  def self.from_omniauth(auth)
    where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
      user.provider = auth.provider
      user.uid = auth.uid
      user.name = auth.info.name
      user.oauth_token = auth.credentials.token
      user.oauth_expires_at = Time.at(auth.credentials.expires_at)
      user.save!
    end
  end
end

和编辑表格:

<%= form_for(@user) do |f| %>
  <%= f.label :email %>
  <%= f.text_field :email %>
  <br />
  <%= f.submit "Sign " %>
<% end %>

谢谢

4

1 回答 1

4

attr_protected防止批量分配,因此错误是可以预料的。attr_accessible :email可能是您想要的,这允许在批量分配中设置属性。

于 2013-06-23T18:03:45.170 回答