强参数我有以下设计的登记表(与不相关的标记省略):困惑与设计
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { id: "payment-form" }) do |f| %>
<%= f.fields_for resource.paid_account do |pa| %>
<%= pa.collection_select :account_plan_id, @account_plans, :id, :name_with_price %>
<% end %>
<% end %>
这种形式吐出以下HTML:
<select id="user_paid_account_account_plan_id" name="user[paid_account][account_plan_id]">
<option value="2">Lite ($10.00/mo)</option>
<option value="3">Professional ($20.00/mo)</option>
<option value="4">Plus ($30.00/mo)</option>
</select>
我然后有以下代码我ApplicationController
:
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(
:email,
:password,
:paid_account => :account_plan_id # <-- THIS IS PROBABLY WRONG
)
end
end
end
当我提交我的形式,我得到“PaidAccount( #2163736620)预计,得到ActionController :: Parameters(#2173083140)“。
我也试着不给错误的下面,但它也没有创造一项纪录:
u.permit(
:email,
:password,
:paid_account => []
)
我在做什么错?
我还没有工作你想的办法,我只好把消毒的设计这个RegistrationController内,如: '高清sign_up_params params.require(:用户).permit(:电子邮件,:密码,:password_confirmation,:current_password,....) end' – sissy