Pat*_*ard 8 parameters json ruby-on-rails
我不明白为什么我会收到这些Unpermitted parameter: format消息,我正在执行 JSON 请求:POST "/questions/add_options.json"使用这些参数Parameters: {"id_question"=>551, "options"=>[{"position"=>10, "label"=>"opc 10", "value"=>"opc 10", "go_page"=>nil}], "question"=>{}},这就是我在终端中得到的......
Started POST "/questions/add_options.json" for 127.0.0.1 at 2016-08-16 23:12:27 -0300
Processing by QuestionsController#add_options as JSON
Parameters: {"id_question"=>551, "options"=>[{"position"=>10, "label"=>"opc 10", "value"=>"opc 10", "go_page"=>nil}], "question"=>{}}
User Load (0.4ms) SELECT "login_aexa".* FROM "login_aexa" WHERE "login_aexa"."usuaex_id" = $1 ORDER BY "login_aexa"."usuaex_id" ASC LIMIT 1 [["usuaex_id", 1]]
Unpermitted parameter: format
Question Load (0.4ms) SELECT "questions".* FROM "questions" WHERE "questions"."id" = $1 LIMIT 1 [["id", 551]]
Unpermitted parameter: format
(0.2ms) BEGIN
(0.4ms) SELECT COUNT(*) FROM "options" WHERE "options"."question_id" = $1 [["question_id", 551]]
在 Rails 控制器中,我使用 params permit 拒绝不允许的参数,如下所示:
def question_add_options_params
params.permit(:id_question, options: [:position, :label, :value, :go_page], question: {})
end
在我看来格式应该没问题,有人知道我为什么收到这些Unpermitted parameter: format消息吗?
编辑:
这是控制器的代码
class QuestionsController < ApplicationController
before_action :set_question, only: [:show, :edit, :update, :destroy]
before_action :authenticate_user!
# GET /questions
# GET /questions.json
def index
@questions = Question.all
end
# GET /questions/1
# GET /questions/1.json
def show
end
# GET /questions/new
def new
@question = Question.new
end
# GET /questions/1/edit
def edit
end
# POST /questions
# POST /questions.json
def create
@question = Question.new(question_params)
respond_to do |format|
if @question.save
format.html { redirect_to @question, notice: 'Question was successfully created.' }
format.json { render :show, status: :created, location: @question }
else
format.html { render :new }
format.json { render json: @question.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /questions/1
# PATCH/PUT /questions/1.json
def update
respond_to do |format|
if @question.update(question_params)
format.html { redirect_to @question, notice: 'Question was successfully updated.' }
format.json { render :show, status: :ok, location: @question }
else
format.html { render :edit }
format.json { render json: @question.errors, status: :unprocessable_entity }
end
end
end
def add_options
@question = Question.find(question_add_options_params[:id_question])
question_add_options_params[:options].each do|q_aop|
@question.options.create(q_aop)
end
@options = @question.options
end
# DELETE /questions/1
# DELETE /questions/1.json
def destroy
@question.destroy
respond_to do |format|
format.html { redirect_to questions_url, notice: 'Question was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_question
@question = Question.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def question_params
params[:question]
end
def question_add_options_params
params.permit(:id_question, options: [:position, :label, :value, :go_page])
end
end
params.permit(:id_question, options: [:position, :label, :value, :go_page], question: {})
这一行告诉 Rails允许的唯一参数在上面的列表中。如果您实际查看一个真正的 params-hash,它不仅包含表单传入的参数,还包含以下内容::controller => :questions, :action => :create, :format => :json等等... Rails 总是根据 URL 插入这些内容
通常我们使用 egform_for @question来命名表单,这意味着参数是这样输入的:
{:controller => :questions, :action => :create,
:format => :json,
:question => {"id_question"=>551, "options"=>[{"position"=>10, "label"=>"opc 10", "value"=>"opc 10", "go_page"=>nil}]}
}
那么你可以在你的控制器中做到这一点:
params.require(:question).permit(:id_question, options: [:position, :label, :value, :go_page])
这并没有从字面上告诉 rails 你不允许拥有总是由 rails 传入的控制器/动作/格式参数......
显然,您需要修改它们的名称以满足您的需要,但这是您需要做的来阻止错误。
| 归档时间: |
|
| 查看次数: |
6682 次 |
| 最近记录: |