【发布时间】:2013-06-23 17:58:14
【问题描述】:
我知道这是一个流行的错误,但我有类 User
详情如下:
ActiveModel::MassAssignmentSecurity::Error in UsersController#update
Can't mass-assign protected attributes: email
Rails.root: /Users/ewalker/Documents/alift
Application Trace | Framework Trace | Full Trace
app/controllers/users_controller.rb:19:in `update'
Request
Parameters:
{"utf8"=>"✓",
"_method"=>"put",
"authenticity_token"=>"F+5itYNqPddn4usVgIJwzG+PSz50Up7mqZs50x3f9Ho=",
"user"=>{"email"=>"erin@walkersmidas.com"},
"commit"=>"Sign in",
"id"=>"1"}
我的用户控制器:
class UsersController < ApplicationController
def show
@user = User.find(params[:id])
end
def index
@users = User.all
end
def edit
@user = User.find(params[:id])
end
def update
@user = User.find(params[:id])
if @user.update_attributes(params[:user])
redirect_to @user
else
render :edit
end
end
end
用户模型:
class User < ActiveRecord::Base
attr_protected :provider, :uid, :name, :email
has_many :posts, dependent: :destroy
def self.from_omniauth(auth)
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
user.provider = auth.provider
user.uid = auth.uid
user.name = auth.info.name
user.oauth_token = auth.credentials.token
user.oauth_expires_at = Time.at(auth.credentials.expires_at)
user.save!
end
end
end
和编辑表格:
<%= form_for(@user) do |f| %>
<%= f.label :email %>
<%= f.text_field :email %>
<br />
<%= f.submit "Sign " %>
<% end %>
谢谢
【问题讨论】:
标签: ruby-on-rails omniauth mass-assignment