不能大規模指派保護的屬性，但attr_accessible用於

Question

我收到以下錯誤：當我運行耙分貝

Can't mass-assign protected attributes: Admin, Student

：種子命令具有以下seed.rb文件：

roles = [ 
    Admin: 'Unlimited Access', 
    Student: 'Default user role for each user created by sign-in interface.' 
] 

roles.each do |role, description| 
    SecurityUsersRole.find_or_create_by_role_and_description(role,description) 
end 

在我的模型看起來像：

class SecurityUsersRole < ActiveRecord::Base 

    # Accessible columns 
    attr_accessible :description, 
        :role 

    # Relationships 
    ... 

    # Validations 
    validates :description, presence: true, length: { in: 4..32 }, uniqueness: true 
    validates :role, length: { maximum: 256 }, presence: true 

end 

我已經閱讀了很多關於這一點，似乎對最新的軌道版本質量分配如果爲了防止黑客關閉阿塔克這樣的：

def signup 
    params[:user] # => {:name => 「ow3ned」, :admin => true} 
    @user = User.new(params[:user]) 
end 

有很多關於這個做題和答案總是設置attr_accessible的字段，但我已經這樣做了。

編輯：

如果我使用以下語法（{}代替[]）所述第一對被添加：如果我在做這個

roles = { 
    Admin: 'Unlimited Access', 
    Student: 'Default user role for each user created by sign-in interface.' 
} 

沒有什麼變化：

SecurityUsersRole.find_or_create_by_role_and_description('Admin','Unlimited Access') 
SecurityUsersRole.find_or_create_by_role_and_description('Student','Default user role for each user created by sign-in interface.') 

經過一番閱讀似乎在Rails 4.0中find_or_create_by助手已經是depreciated 。我正在使用Rails 3.2，但決定嘗試其他技術：

roles = { 
    Admin: 'Unlimited Access', 
    Student: 'Default user role for each user created by sign-in interface.', 
    Test:'wtf' 
} 

roles.each do |role, description| 
    SecurityUsersRole.where(role:role,description:description).first_or_create 
    #puts role 
    #puts description 
end 

上述語句仍然只創​​建第一條記錄。我已經決定執行在軌控制檯的聲明，這是我得到的輸出：

SecurityUsersRole Load (5.0ms) SELECT security_users_roles.* FROM security_users_roles WHERE security_users_roles.role = 'Admin' AND security_users_roles.description = 'Unlimited Access' FETCH FIRST ROW ONLY 
    SecurityUsersRole Load (3.0ms) SELECT security_users_roles.* FROM security_users_roles WHERE security_users_roles.role = 'Student' AND security_users_roles.description = 'Default user role for each user created by sign-in interface.' FETCH FIRST ROW ONLY 
    SecurityUsersRole Exists (1.0ms) SELECT 1 AS one FROM security_users_roles WHERE security_users_roles.description = 'Default user role for each user created by sign-in interface.' FETCH FIRST ROW ONLY 
    SecurityUsersRole Load (1.0ms) SELECT security_users_roles.* FROM security_users_roles WHERE security_users_roles.role = 'Test' AND security_users_roles.description = 'wtf' FETCH FIRST ROW ONLY 
    SecurityUsersRole Exists (1.0ms) SELECT 1 AS one FROM security_users_roles WHERE security_users_roles.description = 'wtf' FETCH FIRST ROW ONLY 
=> {:Admin=>"Unlimited Access", :Student=>"Default user role for each user created by sign-in interface.", :Test=>"wtf"} 

我無法理解到底是怎麼回事上，而是從控制檯中選擇所有用戶只返回我的第一。所以，如果搜索其他角色，爲什麼不創建它們，因爲它們不存在？

任何人都可以建議我可以嘗試嗎？

Answer 1

的問題是我的模型驗證規則，其中

# Validations 
    validates :description, presence: true, length: { in: 4..32 }, uniqueness: true 
    validates :role, length: { maximum: 256 }, presence: true 

應引起

# Validations 
    validates :role, presence: true, length: { in: 4..32 }, uniqueness: true 
    validates :description, length: { maximum: 256 }, presence: true 

我已經改變了的地方：角色和：描述領域。所以，rake db：seed命令會插入第一條記錄，但第二條記錄會出現錯誤，並且插入會中止。結果是我總是有第一個記錄導入。

爲了在使用種子時獲得驗證錯誤，您應該使用！方法版本是這樣的：

SecurityUsersRole.where(role:role,description:description).first_or_create!