问题
I'm Getting an Error: I'm developing a web with Facebook Integration.. I'm new in ruby on rails. can you help with my problem.
ActiveModel::MassAssignmentSecurity::Error in SessionsController#create
Can't mass-assign protected attributes: name
This is my controller:
class SessionsController < ApplicationController
def create
#render :json => request.env['omniauth.auth'].to_yaml
auth = request.env['omniauth.auth']
unless @auth = Authorization.find_from_hash(auth)
@auth = Authorization.create_from_hash(auth, current_user)
end
self.current_user = @auth.user
render :text => "Welcome, #{current_user.name}."
end
end
This is my user model:
class User < ActiveRecord::Base
has_many :authorizations
attr_accessor :name, :uid, :provider
def self.create_from_hash!(hash)
#create(:name => hash['user_info']['name'])
create(:name => hash.info.name)
end
end
This is my authorization model:
class Authorization < ActiveRecord::Base
belongs_to :user
validates_presence_of :user_id, :uid, :provider
validates_uniqueness_of :uid, :scope => :provider
def self.find_from_hash(hash)
find_by_provider_and_uid(hash['provider'], hash['uid'])
end
def self.create_from_hash(hash, user = nil)
user ||= User.create_from_hash!(hash)
Authorization.create(:user => user, :uid => hash['uid'], :provider => hash['provider'])
end
end
how can I fix this .. Thanks in advance :)
回答1:
You certainly have enabled mass assignment protection (with config.active_record.whitelist_attributes = true in your config file), so you need to explicitly indicate which attributes can be updated by methods like update_attributes. You do it with attr_accessible.
In the User model, replace the following line (that seems useless)
attr_accessor :name, :uid, :provider
by
attr_accessible :name, :uid, :provider
See questions related to attr_accessor and attr_accessible for further informations here, here or here
来源:https://stackoverflow.com/questions/13008751/active-model-massassignmentsecurity-error