我收到以下錯誤:當我運行耙分貝不能大規模指派保護的屬性,但attr_accessible用於
Can't mass-assign protected attributes: Admin, Student
:種子命令具有以下seed.rb文件:
roles = [
Admin: 'Unlimited Access',
Student: 'Default user role for each user created by sign-in interface.'
]
roles.each do |role, description|
SecurityUsersRole.find_or_create_by_role_and_description(role,description)
end
在我的模型看起來像:
class SecurityUsersRole < ActiveRecord::Base
# Accessible columns
attr_accessible :description,
:role
# Relationships
...
# Validations
validates :description, presence: true, length: { in: 4..32 }, uniqueness: true
validates :role, length: { maximum: 256 }, presence: true
end
我已經閱讀了很多關於這一點,似乎對最新的軌道版本質量分配如果爲了防止黑客關閉阿塔克這樣的:
def signup
params[:user] # => {:name => 「ow3ned」, :admin => true}
@user = User.new(params[:user])
end
有很多關於這個做題和答案總是設置attr_accessible的字段,但我已經這樣做了。
編輯:
如果我使用以下語法({}代替[])所述第一對被添加:如果我在做這個
roles = {
Admin: 'Unlimited Access',
Student: 'Default user role for each user created by sign-in interface.'
}
沒有什麼變化:
SecurityUsersRole.find_or_create_by_role_and_description('Admin','Unlimited Access')
SecurityUsersRole.find_or_create_by_role_and_description('Student','Default user role for each user created by sign-in interface.')
經過一番閱讀似乎在Rails 4.0中find_or_create_by助手已經是depreciated 。我正在使用Rails 3.2,但決定嘗試其他技術:
roles = {
Admin: 'Unlimited Access',
Student: 'Default user role for each user created by sign-in interface.',
Test:'wtf'
}
roles.each do |role, description|
SecurityUsersRole.where(role:role,description:description).first_or_create
#puts role
#puts description
end
上述語句仍然只創建第一條記錄。我已經決定執行在軌控制檯的聲明,這是我得到的輸出:
SecurityUsersRole Load (5.0ms) SELECT security_users_roles.* FROM security_users_roles WHERE security_users_roles.role = 'Admin' AND security_users_roles.description = 'Unlimited Access' FETCH FIRST ROW ONLY
SecurityUsersRole Load (3.0ms) SELECT security_users_roles.* FROM security_users_roles WHERE security_users_roles.role = 'Student' AND security_users_roles.description = 'Default user role for each user created by sign-in interface.' FETCH FIRST ROW ONLY
SecurityUsersRole Exists (1.0ms) SELECT 1 AS one FROM security_users_roles WHERE security_users_roles.description = 'Default user role for each user created by sign-in interface.' FETCH FIRST ROW ONLY
SecurityUsersRole Load (1.0ms) SELECT security_users_roles.* FROM security_users_roles WHERE security_users_roles.role = 'Test' AND security_users_roles.description = 'wtf' FETCH FIRST ROW ONLY
SecurityUsersRole Exists (1.0ms) SELECT 1 AS one FROM security_users_roles WHERE security_users_roles.description = 'wtf' FETCH FIRST ROW ONLY
=> {:Admin=>"Unlimited Access", :Student=>"Default user role for each user created by sign-in interface.", :Test=>"wtf"}
我無法理解到底是怎麼回事上,而是從控制檯中選擇所有用戶只返回我的第一。所以,如果搜索其他角色,爲什麼不創建它們,因爲它們不存在?
任何人都可以建議我可以嘗試嗎?
嘗試設置您的角色散列如下:'roles = {Admin:'Unlimited',Student:'Default'}'。意思是,使用大括號而不是括號,否則你會在數組中使用散列。 – mmichael
@mmichael如果我僅在第一對括號中使用括號 - 鍵值被插入。這就是爲什麼我嘗試保持數組中的值。 – gotqn