mass-assignment

问题 I wonder what wrong in my code that I can't protected 2 input username and password In my controller: class AccountsController extends \BaseController { ... public function store() { $date = new \DateTime; $input['updated_at']=$date; $input['created_at']=$date; $input['username']=Input::get("username", ""); $input['password']=Input::get("password", ""); $input['sex']=Input::get("sex", ""); $input['dob']=Input::get("dob", ""); $input['dob']= date("Y-m-d", strtotime($input['dob'])); $v

问题 I would like to save query result into redis using JSON serialization and query it back. Getting query results to json is pretty easy: JSON.generate(Model.all.collect {|item| item.attributes}) However I did not find a proper way to deserialize it back to ActiveRecord. The most straight-forward way: JSON.parse(@json_string).collect {|item| Model.new.from_json(item)} Gives me an error: WARNING: Can't mass-assign protected attributes: id So id gets empty. I thought of just using OpenStruct for

问题 Updating the code formatting for better viewing. Folks, I have been looking at this for sometime but I don't understand what could be messing up here. I am using Devise. class User < ActiveRecord::Base has_many :addresses accepts_nested_attributes_for :addresses # Other stuff here end class Address < ActiveRecord::Base belongs_to :user validates_presence_of :zip #:street_address1, end -------------------- log output begin ------------------------------ Started POST "/users" for 127.0.0.1 at

问题 In this post, slice function is used to get only necessary elements of params. What would be the function I should use to exclude an element of params (such as user_id)? Article.new(params[:article].slice(:title, :body)) Thank you. 回答1: Use except: a = {"foo" => 0, "bar" => 42, "baz" => 1024 } a.except("foo") # returns => {"bar" => 42, "baz" => 1024} 回答2: Try this params = { :title => "title", :other => "other", :body => "body" } params.select {|k,v| [:title, :body].include? k } #=> {:title =

问题 After reading about attr_accessible in the Rails 3.1 API, I see that there is an as :admin option in there. I would like to know two things. If the user has an admin flag, how do does my controller tell my model that the user is an admin. If the user is an owner, can i specify :as => owner in my model, and once again how does my controller inform my model they are the owner of an item. 回答1: There is no built-in integration with models; you pass in the role in the assign_attributes call:

问题 In rails 3.2.1, I have a model: class Player < ActiveRecord::Base attr_accessor :password attr_accessible :email, :password attr_accessible :email, :password, :confirmed, :as => :admin end I keep getting a ActiveModel::MassAssignmentSecurity::Error for the following: params[:player] #=> {:email => "some@email.com", :password => "12345", :confirmed => true) player = Player.new(params[:player]) Why is this happening when all I want it to do is ignore the :confirmed attribute and move on with it

问题 Let's say for the following actions' controller: class PostsController < ApplicationController def create @post = Post.create(post_params) end private def post_params params.require(:post).permit(:title, :content) end end Is there a one-line way to do something like this when creating a record : def create @post = Post.create(post_params, user_id: current_user.id) end What would be the clean way to do it ? Is it possible ? 回答1: params is an instance of ActionController::Parameters, which

问题 I have a model BlogPost defined as class BlogPost < ActiveRecord::Base attr_accessible :title, :body, :photo, :photos_attributes, as: :admin has_many :photos, class_name: 'BlogPhoto', dependent: :destroy validates :body, :photo, :title, presence: true validates :title, uniqueness: true accepts_nested_attributes_for :photos, allow_destroy: true end from schema create_table "blog_posts", :force => true do |t| t.string "title" t.text "body" t.datetime "created_at", :null => false t.string "photo

问题 Following the ruby on rails guide developer can't mass-assign protected fields but don't get exception trying to do it, right? But in my case mass-assignment different params through new method in rails application: @edition = Edition.new params[:edition] raise following exception: ActiveModel::MassAssignmentSecurity::Error: Can't mass-assign protected attributes: price Why? Did I understand something incorrectly? Is it a way not to get the mass-assignment exception? It's not convenient to

问题 I've watched the RailsCast, another nested attributes video, lots of SO posts, and fought with this for a while, but I still can't figure it out. I hope it's something tiny. I have two models, User (created by Devise), and Locker (aka, a product wishlist), and I'm trying to create a Locker for a User when they sign up. My login form has a field for the name of their new Locker (aptly called :name ) that I'm trying to assign to the locker that gets created upon new user registration. All I'm