我正在使用回形针上传用户个人资料的个人资料图片。该users
表具有以下列avatar
<%= form_for(:avatar, :remote => true , :url => '/profiles/uploadProfileImage',:multipart => true , :html => { :id => 'upload_qimage'}) do |f| %>
<%= f.hidden_field :id , :value => Digest::MD5.hexdigest((current_user.id + Time.now.to_i).to_s )[0,7] %>
<%= f.file_field :avatar, :onchange => "$(this).parents('form').submit(); before_submit() ; ",class: "image_textbox" %>
<% end %>
user.rb 有以下代码:
attr_accessible :avatars_attributes
has_attached_file :avatar,:path => ':rails_root/public/assets/profileimage/:basename_:style.:extension', :styles => {:small => '415x325>' }
和控制器:
def uploadProfileImage
@user = User.find(:id => current_user.id)
@user.update_attributes(:avatars_attributes => params[:avatar])
if @user.save
respond_to do |format|
format.js
end
end
end
它给了我一个错误说 Can't mass-assign protected attributes: avatars_attributes:
日志:
Started PUT "/profiles/uploadProfileImage" for 127.0.0.1 at 2013-10-24 14:04:16 +0530
Processing by ProfilesController#uploadProfileImage as JS
Parameters: {"user"=>{"avatar"=>#<ActionDispatch::Http::UploadedFile:0xbe31de4 @original_filename="129f3a8_1_small.jpg", @content_type="image/jpeg", @headers="Content-Disposition: form-data; name=\"user[avatar]\"; filename=\"129f3a8_1_small.jpg\"\r\nContent-Type: image/jpeg\r\n", @tempfile=#<Tempfile:/tmp/RackMultipart20131024-3430-1rdcqt8>>}, "utf8"=>"✓", "authenticity_token"=>"Zkr4+9+DkRuPiS4pUzymOOsc0gRWM8GrGJcfKoVa83w=", "remotipart_submitted"=>"true", "X-Requested-With"=>"IFrame", "X-Http-Accept"=>"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01"}
User Load (0.5ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 1 LIMIT 1
CACHE (0.0ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 1 LIMIT 1
(0.1ms) BEGIN
(0.1ms) ROLLBACK
Completed 500 Internal Server Error in 8ms
ActiveModel::MassAssignmentSecurity::Error - Can't mass-assign protected attributes: avatar:
activemodel (3.2.13) lib/active_model/mass_assignment_security/sanitizer.rb:48:in `process_removed_attributes'
activemodel (3.2.13) lib/active_model/mass_assignment_security/sanitizer.rb:20:in `debug_protected_attribute_removal'
activemodel (3.2.13) lib/active_model/mass_assignment_security/sanitizer.rb:12:in `sanitize'
activemodel (3.2.13) lib/active_model/mass_assignment_security.rb:230:in `sanitize_for_mass_assignment'
activerecord (3.2.13) lib/active_record/attribute_assignment.rb:75:in `assign_attributes'
activerecord (3.2.13) lib/active_record/persistence.rb:216:in `block in update_attributes'
activerecord (3.2.13) lib/active_record/transactions.rb:313:in `block in with_transaction_returning_status'
activerecord (3.2.13) lib/active_record/connection_adapters/abstract/database_statements.rb:192:in `transaction'
activerecord (3.2.13) lib/active_record/transactions.rb:208:in `transaction'
activerecord (3.2.13) lib/active_record/transactions.rb:311:in `with_transaction_returning_status'
activerecord (3.2.13) lib/active_record/persistence.rb:215:in `update_attributes'
app/controllers/profiles_controller.rb:31:in `uploadProfileImage'
第 30-31 行是:
@user = User.find(current_user.id)
@user.update_attributes(params[:user])