问题
I'm working on installing Engage!
I followed the installation instructions found here: http://engagecsm.com/readme
Installation steps I did:
- Add Engage! to the application's Gemfile: gem 'engagecsm'.
- Install it: bundle install.
- Run the generator: rails generate engage User.
- Run the migrations: rake db:migrate.
Now, I can go to localhost:3000/engage
This is what shows up:
Now, when I hit "Create Topic", nothing happens on the site. I look at my rails server console and I see this: (Easier to view here http://i.stack.imgur.com/xKBER.png, full stack trace found at the bottom)
So I start googling, and I see things like this:
- Can't mass-assign protected attributes: user
- http://guides.rubyonrails.org/security.html#mass-assignment
I already added attr_accessible :user to my User model, but that didn't work.
Here's my User model:
Also, I can't see how I have access to Engage models and such, see here's my directory:
Does anyone know how to fix this? If you want any other information, please tell me and I'll provide screenshots.
Any help is greatly appreciated. Thank you!
EDIT #1 - Adding application controller picture and full stack trace
This is the only place I can see anything with Engage! in controllers (I don't have a User controller at this time)
Here's the full stack trace:
EDIT #2 - Add engage environment:
Also, we have Devise (and OmniAuth I believe...) installed. Therefore, we have "current_user", but I don't know if we have a "username" or "email" method, unless that comes standard with Devise or something
EDIT #3 - As Geoff suggested, I looked at line 46 of the topics_controller. That line is the following:
@topic.votes.create(:user => engage_current_user)
回答1:
it's one of Engage! developers here. I can see there are two problems with Engage! described above.
We have found the solution to the first (the one that you have solved with attr_accessible :user), so expect a Rubygems update soon.
The second (the fact that topics are not actually displayed on the index page) is connected with the changes in the cancan gem. We still have to figure out the best way to approach this, but a quick workaround is to lock the cancan version in the Gemfile as follows: gem 'cancan', '1.6.7'.
We will let you know when the updates addressing these issues will be available at Rubygems.
Cheers!
回答2:
Based on the information given, I'm afraid I can't tell what's going on but I can help give a little explanation of the error you're getting.
The last non-library line in your trace is:
engagecsm (1.0.8) app/controllers/engage/topics_controller.rb:46: in `create'
This code is probably in your default gem path. Probably either /usr/lib/ruby/gems or /home/user_name/.gem/ruby if you're on *nix.
Sometime in the processing of that line of code, it hit a Mass-assignment security error.
It might help you to look at that line of code to see which model it's hitting. DO NOT post that line of code here. The licence for Engage! does not appear to be one of the standard open source ones and you may be in violation of the license if you post here. I may very well be wrong, but better safe than sorry.
There are two variable which can trip you up with Mass-assignment security. They are the attribute and the role. Adding attr_accessible :user to the appropriate Model will help only if they are using the default role. If they are using the :admin role, then you need to add attr_accessible :user, as: :admin. I don't think your User model has an attribute of :user so it probably needs to be added somewhere else.
If I had to guess what you did wrong, I think you might have followed the security guide here:
http://guides.rubyonrails.org/security.html
In that guide, they suggest setting your config to whitelist everything by default.
config.active_record.whitelist_attributes = true
If you did this and Engage! wasn't written with MassAssignment support, that would explain the error you're seeing.
Sorry I can't explain your issue with any certainty, but I hope it helps nonetheless.
回答3:
Looking at your
your problem is in the topices_controller - therefore likely to mean that you need to add :user_id to the attr_accessible in the Engage/Topic model.
回答4:
I needed to add the following line to Engage/Vote Model
attr_accessible :user
Now it will say "Topic successfully created."
However, I can't see the topics listed. However, I believe I'm done with this portion of the problem. I am able to see the topic when I go to
http://localhost:3000/engage/topics/1
来源:https://stackoverflow.com/questions/14421250/rails-engage-error-cant-mass-assign-protected-attributes-user