如何允许具有强参数的数组

我有一个功能正常的Rails 3应用程序,使用has_many:通过关联,这不是,因为我把它重新制作为Rails 4应用程序,让我保存id从相关的模型在Rails 4版本。

这是三个相关的模型是相同的两个版本。

Categorization.rb

class Categorization < ActiveRecord::Base


belongs_to :question
belongs_to :category
end

Question.rb

has_many :categorizations
has_many :categories, through: :categorizations

Category.rb

has_many :categorizations
has_many :questions, through: :categorizations

在两个应用中,类别id都像这样传递到创建动作中

  "question"=>{"question_content"=>"How do you spell car?", "question_details"=>"blah ", "category_ids"=>["", "2"],

在Rails 3应用程序中,当我创建一个新问题时,它会插入到问题表中,然后插入到分类表中

 SQL (82.1ms)  INSERT INTO "questions" ("accepted_answer_id", "city", "created_at", "details", "province", "province_id", "question", "updated_at", "user_id") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)  [["accepted_answer_id", nil], ["city", "dd"], ["created_at", Tue, 14 May 2013 17:10:25 UTC +00:00], ["details", "greyound?"], ["province", nil], ["province_id", 2], ["question", "Whos' the biggest dog in the world"], ["updated_at", Tue, 14 May 2013 17:10:25 UTC +00:00], ["user_id", 53]]
SQL (0.4ms)  INSERT INTO "categorizations" ("category_id", "created_at", "question_id", "updated_at") VALUES (?, ?, ?, ?)  [["category_id", 2], ["created_at", Tue, 14 May 2013 17:10:25 UTC +00:00], ["question_id", 66], ["updated_at", Tue, 14 May 2013 17:10:25 UTC +00:00]]

在rails 4应用程序中,在它处理questioncontroller# create中的参数后,我在服务器日志中得到这个错误

Unpermitted parameters: category_ids

问题只是被插入到问题表中

 (0.2ms)  BEGIN
SQL (67.6ms)  INSERT INTO "questions" ("city", "created_at", "province_id", "question_content", "question_details", "updated_at", "user_id") VALUES ($1, $2, $3, $4, $5, $6, $7) RETURNING "id"  [["city", "dd"], ["created_at", Tue, 14 May 2013 17:17:53 UTC +00:00], ["province_id", 3], ["question_content", "How's your car?"], ["question_details", "is it runnign"], ["updated_at", Tue, 14 May 2013 17:17:53 UTC +00:00], ["user_id", 12]]
(31.9ms)  COMMIT

虽然我没有在Questions模型中存储category_ids,但我将category_ids设置为questions_controller中的一个允许参数

   def question_params


params.require(:question).permit(:question_details, :question_content, :user_id, :accepted_answer_id, :province_id, :city, :category_ids)
end

有人能解释一下我应该如何保存category_ids吗?注意,在categorories_controller中没有创建动作。任意一个应用程序的Rb。

这三个表在两个应用中是一样的

 create_table "questions", force: true do |t|
t.text     "question_details"
t.string   "question_content"
t.integer  "user_id"
t.integer  "accepted_answer_id"
t.datetime "created_at"
t.datetime "updated_at"
t.integer  "province_id"
t.string   "city"
end


create_table "categories", force: true do |t|
t.string   "name"
t.datetime "created_at"
t.datetime "updated_at"
end


create_table "categorizations", force: true do |t|
t.integer  "category_id"
t.integer  "question_id"
t.datetime "created_at"
t.datetime "updated_at"
end

更新

这是Rails 3应用程序的创建操作

  def create
@question = Question.new(params[:question])
respond_to do |format|
if @question.save
format.html { redirect_to @question, notice: 'Question was successfully created.' }
format.json { render json: @question, status: :created, location: @question }
else
format.html { render action: "new" }
format.json { render json: @question.errors, status: :unprocessable_entity }
end
end
end

这是Rails 4应用程序的创建操作

   def create
@question = Question.new(question_params)


respond_to do |format|
if @question.save
format.html { redirect_to @question, notice: 'Question was successfully created.' }
format.json { render json: @question, status: :created, location: @question }
else
format.html { render action: "new" }
format.json { render json: @question.errors, status: :unprocessable_entity }
end
end
end

这是question_params方法

 private
def question_params
params.require(:question).permit(:question_details, :question_content, :user_id, :accepted_answer_id, :province_id, :city, :category_ids)
end
198687 次浏览

这个https://github.com/rails/strong_parameters看起来像是文档的相关部分:

允许的标量类型是String, Symbol, NilClass, Numeric, TrueClass, FalseClass, Date, Time, DateTime, StringIO, IO, ActionDispatch::Http::UploadedFile and Rack::Test::UploadedFile.

要声明params中的值必须是一个允许标量值的数组,将键映射到一个空数组:

params.permit(:id => [])

在我的应用程序中,category_ids被传递给数组中的create操作

"category_ids"=>["", "2"],

因此,在声明强参数时,我显式地将category_ids设置为一个数组

params.require(:question).permit(:question_details, :question_content, :user_id, :accepted_answer_id, :province_id, :city, :category_ids => [])

现在工作得很完美!

(正如@Lenart在评论中指出的,数组声明必须是属性列表的在最后,否则你会得到一个语法错误。)

如果你想允许一个哈希数组(或从JSON的角度来看an array of objects)

params.permit(:foo, array: [:key1, :key2])

这里需要注意两点:

  1. array应该是permit方法的最后一个参数。
  2. 你应该在数组中指定哈希的键,否则你会得到一个错误Unpermitted parameter: array,在这种情况下很难调试。

如果你有一个这样的哈希结构:

Parameters: {"link"=>{"title"=>"Something", "time_span"=>[{"start"=>"2017-05-06T16:00:00.000Z", "end"=>"2017-05-06T17:00:00.000Z"}]}}

这就是我如何做到的:

params.require(:link).permit(:title, time_span: [[:start, :end]])

应该是这样的

params.permit(:id => [])

另外,从rails版本4+开始,您可以使用:

params.permit(id: [])

我还不能评论,但遵循陌生人的解决方案,你也可以保持嵌套,以防你有键值是一个数组。是这样的:

filters: [{ name: 'test name', values: ['test value 1', 'test value 2'] }]

如此:

params.require(:model).permit(filters: [[:name, values: []]])

当你想允许多个数组字段时,你必须在允许时列出数组字段,如给出的-

params.require(:questions).permit(:question, :user_id, answers: [], selected_answer: [] )

(这是)