26

I try to do a simple create using rails 4

my controller:

class AdsController < ApplicationController

  def new
    @ad = Ad.new
  end

  def create
    @ad = Ad.new(params[:ad])    
    @ad.save
  end

  def show
    @ad = Ad.find(params[:id])
  end

  def index
    @ads = Ad.first(3)
  end


  private
  def ad_params    
    params.require(:ad).permit(:title, :price, :description)
  end
end

form:

<%= form_for @ad do |p| %>
  <p><%= p.text_field :title %></p>
  <p><%= p.text_field :price %></p>
  <p><%= p.text_area :description %></p>
  <p><%= p.submit %></p>
<% end %>

from my point of view it's ok but I got this error ActiveModel::ForbiddenAttributesError what I'm doing wrong?

UPDATE:

my problem was passing wrong value to new method in create action: the solution was to pass ad_params to it

4

4 回答 4

41

I would suggest skipping to update so your code works

Your problem is probably not in your controller, but your model: Check to see your attributes are accessible with the follow tag

attr_accessible :title, :price, :description

Rails 4 does do it a little different from what I understand, this previous SO answer provided some good links: How is attr_accessible used in Rails 4?

You need to use attr_accessible/Strong Params whenever you're accessing things from the database.

Update

Oh to be young, and not realize Rails 4 uses Strong Params. I understand the OP has already solved his original problem, but I'm going to correct this so it could actually be used as the right answer.

This would be a controller level issue, as Rails 4 requires you to whitelist attributes in the controller.

Ad.create(params[:ad].require(:ad).permit(:title, :price, :description))

Most of the time you'll be permitting the same params in the create and update action, so it's best to move it into its own method within the controller.

Ad.create(ad_params)
def ad_params
  params.require(:ad).permit(:title, :price, :description)
end

As OP pointed out in his comment, the permitted_params method he implemented was not being called from the permit.

于 2013-07-25T21:02:42.813 回答
32

I also faced same problem and worked for 6 hours, and finally got the solution.

Try this Code, it will help you! In Rails 4, this feature is added to deal with creation in different ways.

def new
  @ad = Ad.new
end

def create
  @ad = Ad.create(ad_params)
  @ad.save
end

private

def ad_params
  params.require(:ad).permit(:title, :price, :description)
end
于 2013-10-02T00:07:25.303 回答
6

Ad new before add params.permit!

   def create
     params.permit!
     @ad = Ad.new(params[:ad])    
     @ad.save
   end
于 2013-12-02T06:00:32.703 回答
1

Your's should look like this: 

def new
    @ad = Ad.new(params[:ad].permit(:title, :price, :description))
end

Mine looks like this:

def create
    @about = About.new(params[:about].permit(:introduction, :description))

    respond_to do |format|
        if @about.save
            format.html { redirect_to @about, notice: 'About was successfully created.' }
            format.json { render action: 'show', status: :created, location: @about }
        else
            format.html { render action: 'new' }
            format.json { render json: @about.errors, status: :unprocessable_entity }
        end
    end
end
于 2013-10-15T02:40:19.180 回答