ActiveAdmin ForbiddenAttributesError
我是的新成员。我使用的是ActiveAdmin,我在创建AdminUser时遇到了问题
ActiveModel::ForbiddenAttributesError in Admin::AdminUsersController#create ActiveModel::ForbiddenAttributesError
请求
参数:
- {"utf8"=>"✓“
- "authenticity_token"=>"nvV++6GNTdA/nDzw1iJ6Ii84pZPcv2mzg0PK2Cg9Ag0=",
- "admin_user"=>{"email"=>"admin2@example.com"},
- “提交”=>“创建管理用户”}*
Rails 4.1.0
activeadmin 1.0.0
ruby 2.1
app/admin/admin_user.rb
ActiveAdmin.register AdminUser do
index do
column :email
column :current_sign_in_at
column :last_sign_in_at
column :sign_in_count
default_actions
end
form do |f|
f.inputs "Admin Details" do
f.input :email
end
f.actions
end
endapp/models/admin_user.rb
class AdminUser < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable,
:recoverable, :rememberable, :trackable, :validatable
after_create { |admin| admin.send_reset_password_instructions }
def password_required?
new_record? ? false : super
end
endGemfile
source 'https://rubygems.org'
gem 'rails', '4.1.0'
gem 'sqlite3'
gem 'sass-rails', '~> 4.0.3'
gem 'uglifier', '>= 1.3.0'
gem 'coffee-rails', '~> 4.0.0'
gem 'jquery-rails'
gem 'turbolinks'
gem 'jbuilder', '~> 2.0'
gem 'activeadmin', github: 'gregbell/active_admin'
gem 'polyamorous', github: 'activerecord-hackery/polyamorous'
gem 'ransack', github: 'activerecord-hackery/ransack'
gem 'formtastic', github: 'justinfrench/formtastic'
gem 'devise'
gem 'sdoc', '~> 0.4.0', group: :doc config/environments/development.rb
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.
# In the development environment your application's code is reloaded on
# every request. This slows down response time but is perfect for development
# since you don't have to restart the web server when you make code changes.
config.cache_classes = false
# Do not eager load code on boot.
config.eager_load = false
# Show full error reports and disable caching.
config.consider_all_requests_local = true
config.action_controller.perform_caching = false
# Don't care if the mailer can't send.
config.action_mailer.raise_delivery_errors = false
# Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log
# Raise an error on page load if there are pending migrations.
config.active_record.migration_error = :page_load
# Debug mode disables concatenation and preprocessing of assets.
# This option may cause significant delays in view rendering with a large
# number of complex assets.
config.assets.debug = true
# Adds additional error checking when serving assets at runtime.
# Checks for improperly declared sprockets dependencies.
# Raises helpful error messages.
config.assets.raise_runtime_errors = true
# Raises error for missing translations
# config.action_view.raise_on_missing_translations = true
# Sending emails works
config.action_mailer.default_url_options = { :host => 'localhost:3000' }
end回答 2
Stack Overflow用户
发布于 2014-05-14 13:32:10
Rails 4使用强参数,将属性白名单从模型移动到控制器。必须指定要保存在数据库中的属性。您不允许代码中的属性,这就是您要接收ActiveModel::ForbiddenAttributesError的原因。
参考ActiveAdmin :设置强参数的文档
您可以使用permit_params方法(它创建一个名为permitted_params的方法)以下列方式设置强参数,在重写create或update操作时使用此方法:
ActiveAdmin.register AdminUser do
## ...
permit_params :attr1, :attr2 ## Add this line
end用要白名单的实际属性名称替换:attr1**,** :attr2**,等。例如:** :email
Stack Overflow用户
发布于 2014-05-14 13:37:48
您所看到的是较新版本的Rails的安全特性。您必须为属性创建一个白名单,这些属性可以由用户输入的params更新。否则,您必须手动设置每个值。
下面是一个白化某些参数的示例:
ActiveAdmin.register Post do
permit_params :title, :content, :publisher_id
end参见有关主题的ActiveAdmin文档:admin/blob/master/docs/2-resource-customization.md#setting-up-strong-parameters
https://stackoverflow.com/questions/23655366
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号