Set*_*ies 16 ruby-on-rails nested-attributes ruby-on-rails-3 ruby-on-rails-4
所以我正在使用这个Railscast.
而且我知道Rails 4中的强参数有一些变化.
我已经四倍检查了我的实现,但无法看到我出错的地方.就目前而言,在最初提交患者时(即创建方法)勾选"销毁"框,按预期工作,并将删除任何具有复选框的药物,并允许任何不具有(从三种形式输入)它提供).
然而,当我随后编辑该患者时,任何未检查被删除的药物都是重复的(因此我最终得到的药物比我开始时更多),并且任何检查删除的药物似乎都没有改变.
因此,如果有两种药物附加"Med1"和"Med2",并且我编辑患者,如果两者都被标记为删除,我仍然会以"Med1"和"Med2"结束.如果仅将"Med1"标记为删除,我将以"Med1"和"Med2"以及额外的"Med2"结束.如果两者都没有标记为删除,我将最终得到两个"Med1"和"Med2".
#patient.rb
class Patient < ActiveRecord::Base
has_many :procedures
has_many :medications, dependent: :destroy
has_many :previous_operations, dependent: :destroy
accepts_nested_attributes_for :medications, :allow_destroy => true, :reject_if => lambda { |a| a[:name].blank? },
end
#views/patients/_form.html.erb
<%= form_for(@patient) do |f| %>
<% if @patient.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@patient.errors.count, "error") %> prohibited this patient from being saved:</h2>
<ul>
<% @patient.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<%= f.fields_for :medications do |builder| %>
<%= render "medication_fields", :f => builder %>
<% end %>
<div class="field">
<%= f.label :first_name %><br>
<%= f.text_field :first_name %>
</div>
<div class="field">
<%= f.label :last_name %><br>
<%= f.text_field :last_name %>
</div>
<div class="actions">
<%= f.submit %>
</div>
<% end %>
#views/patients/medications_fields.html
<div class="field">
<%= f.label :name %><br>
<%= f.text_field :name %>
</div>
<div class="field">
<%= f.label :_destroy, "Remove Medication" %>
<%= f.check_box :_destroy %>
</div>
#controllers/patients_controller.rb
class PatientsController < ApplicationController
before_action :set_patient, only: [:show, :edit, :update, :destroy]
# GET /patients
# GET /patients.json
def index
@patients = Patient.all
end
# GET /patients/1
# GET /patients/1.json
def show
end
# GET /patients/new
def new
@patient = Patient.new
3.times { @patient.medications.build }
end
# GET /patients/1/edit
def edit
end
# POST /patients
# POST /patients.json
def create
@patient = Patient.new(patient_params)
respond_to do |format|
if @patient.save
format.html { redirect_to @patient, notice: 'Patient was successfully created.' }
format.json { render action: 'show', status: :created, location: @patient }
else
format.html { render action: 'new' }
format.json { render json: @patient.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /patients/1
# PATCH/PUT /patients/1.json
def update
respond_to do |format|
if @patient.update(patient_params)
format.html { redirect_to @patient, notice: 'Patient was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: @patient.errors, status: :unprocessable_entity }
end
end
end
# DELETE /patients/1
# DELETE /patients/1.json
def destroy
@patient.destroy
respond_to do |format|
format.html { redirect_to patients_url }
format.json { head :no_content }
end
flash[:notice] = "Patient was successfully deleted."
end
private
# Never trust parameters from the scary internet, only allow the white list through.
def patient_params
params.require(:patient).permit(:first_name, :last_name, medications_attributes: [:name, :_destroy])
end
end
我一直非常小心,检查了一百万次:通过强参数允许_destroy标志,但仍然没有骰子.
任何帮助表示赞赏,必须是我看不到的明显的东西.
编辑
改变这个......
# Never trust parameters from the scary internet, only allow the white list through.
def patient_params
params.require(:patient).permit(:first_name, :last_name, medications_attributes: [:name, :_destroy])
end
对此......
# Never trust parameters from the scary internet, only allow the white list through.
def patient_params
params.require(:patient).permit!
end
似乎工作正常,所以我仍然确定它与强参数有关,但后者不太安全我确定而不是最佳实践.
Man*_*eep 34
当你在做的时候
# Never trust parameters from the scary internet, only allow the white list through.
def patient_params
params.require(:patient).permit!
end
它允许您的所有属性,不建议这样做.这更像是一个黑客而不是解决方案.
如果你看看你的问题
Rails 4 deleting nested attributes, works on create but not on edit/update
如果你看看你允许的params
# Never trust parameters from the scary internet, only allow the white list through.
def patient_params
params.require(:patient).permit(:first_name, :last_name, medications_attributes: [:name, :_destroy])
end
这将用于创建患者,但不能用于更新或编辑它们,因为当您创建新记录时,它不需要您允许ID,但是当您想要更新或编辑记录时,您也需要允许其ID.
固定:
只需将id属性传递给允许的属性,它就会对你有用
# Never trust parameters from the scary internet, only allow the white list through.
def patient_params
params.require(:patient).permit(:id, :first_name, :last_name, medications_attributes: [:id,:name, :_destroy])
end
| 归档时间: |
|
| 查看次数: |
14968 次 |
| 最近记录: |