Rails 4设计嵌套窗体无法批量分配受保护的属性

Question

我有一个设计模型在注册时具有嵌套窗体（supp_form是嵌套对象）。当我提交表单我收到以下错误：

WARNING: Can't mass-assign protected attributes for Business: supp_form_attributes, terms_of_service 
app/controllers/businesses/registrations_controller.rb:11:in `create' 

我使用的nested_form宝石，它好像我的形式是通过在控制台通过现场数据。我的参数提交的样子以下后：

Parameters: {"utf8"=>"✓", "authenticity_token"=>"XXX", "business"=>{"type"=>"Business", "supp_form_attributes"=>{"title"=>"mr.", "first_name"=>"jane", "last_name"=>"doe", "mobile_phone_number"=>"94034903", "loan_agreement_authorization"=>"1", "work_phone_number"=>"49034903", "business_industry"=>"Natural Resources and Mining", "legal_structure"=>"Sole Proprietorship", "employee_count"=>"5 to 10", "years_in_business"=>"5+ years", "business_address"=>"72 pentland rd", "business_city"=>"Waterdown", "business_postal_code"=>"l0r2h5", "business_province"=>"ON"} 

business.rb

class Business < User 
    # Associations 
    has_one :supp_form 
    has_many :loan_applications 
    has_many :transactions 

    # Nested attributes 
    accepts_nested_attributes_for :supp_form, :loan_applications 

    # After save action 
    after_save :create_account 

    # Validations 
    validates_acceptance_of :terms_of_service 
    validate :terms_of_service, presence: true 
end 

supp_form.rb

class SuppForm < ActiveRecord::Base 
    # Associations 
    belongs_to :business 

    # Validations 
    validates_acceptance_of :terms 
    validates :business_id, :first_name, :last_name, :work_phone_number, :business_address, :business_postal_code, :business_city, presence: true 
end 

registraionts_controller.rb

class Businesses::RegistrationsController < Devise::RegistrationsController 
    before_filter :update_sanitized_params 

    def new 
    build_resource({}) 
    resource.build_supp_form 
    respond_with self.resource 
    end 

    def create 
    super 
    resource.update_attribute(:railsid, '%010d' % rand(10 ** 10)) 
    end 

    private 

    def update_sanitized_params 
     devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:email, :password, :password_confirmation, :type, :confirmed_at, :business_name, :terms, :railsid, :terms_of_service, 
                   supp_form_attributes: [:business_id, :title, :loan_agreement_authorization, :first_name, 
                        :last_name, :work_phone_number, :business_address, :business_postal_code, 
                        :business_city, :business_name, :years_in_business, :legal_structure, 
                        :business_industry, :employee_count, :mobile_phone_number, :business_province])} 
    end 

    def after_sign_up_path_for(resource) 
     business_root_path 
    end 

end 

supp_forms_controller.rb

class SuppFormsController < ApplicationController 
    before_filter :authenticate_user! 

    def new 
    @suppform = SuppForm.new(supp_form_params) 
    end 

    def create 
    @suppform = SuppForm.create(supp_form_params) 
    end 

    private 

    def supp_form_params 
     params.require(:supp_form).permit(:business_id, :title, :loan_agreement_authorization, :first_name, 
                       :last_name, :work_phone_number, :business_address, :business_postal_code, 
                       :business_city, :business_name, :years_in_business, :legal_structure, 
                       :business_industry, :employee_count, :mobile_phone_number, :business_province) 
    end 
end 

Answer 1

您使用Rails 4具有较强的参数。并且你得到了protected_attributes gem（或者默认的rails 3 app）触发的错误。

随着strong_parameters的地方你可以删除安全的protected_attributes宝石。如果你有它（config.active_record.whitelist_attributes），删除配置。