问题
I try to update an existing user:
Controller-Snippet
def account_settings
@user = current_user
end
def set_account_info
old_user = current_user
# verify the current password by creating a new user record.
@user = User.authenticate_by_username(old_user.username, params[:user][:password])
# verify
if @user.nil?
@user = current_user
@user.errors[:password] = "Das eingegebene Passwort ist falsch."
render :action => "account_settings"
else
# update the user with any new username and email
@user.update(params[:user])
# Set the old email and username, which is validated only if it has changed.
@user.previous_email = old_user.email
@user.previous_username = old_user.username
if @user.valid?
# If there is a new_password value, then we need to update the password.
@user.password = @user.new_password unless @user.new_password.nil? || @user.new_password.empty?
@user.save
flash[:notice] = 'Benutzerkonto-Einstellungen wurden übernommen.'
redirect_to :root
else
flash[:error] = @user.username
render :action => "account_settings"
end
end
end
I allready tried post-, put- and patch-method.
Route-Snippet
Calendar::Application.routes.draw do
root "welcome#index"
get "user/account_settings" => "user#account_settings"
patch "user/account_settings" => "user#set_account_info"
end
User-Model
class User < ActiveRecord::Base
attr_accessible :email, :username, :previous_email, :previous_username, :password, :password_confirmation, :new_password, :new_password_confirmation
attr_accessor :password, :new_password, :previous_email, :previous_username
before_save :encrypt_password
validates_confirmation_of :password
validates_confirmation_of :new_password, :if => Proc.new {|user| !user.new_password.nil? && !user.new_password.empty? }
validates_presence_of :password, :on => :create
validates_presence_of :email, :if => Proc.new {|user| user.previous_email.nil? || user.email != user.previous_email}
validates_presence_of :username, :if => Proc.new {|user| user.previous_username.nil? || user.username != user.previous_username}
validates_uniqueness_of :email, :if => Proc.new {|user| user.previous_email.nil? || user.email != user.previous_email}
validates_uniqueness_of :username, :if => Proc.new {|user| user.previous_username.nil? || user.username != user.previous_username}
def initialize(attributes = {})
super # must allow the active record to initialize!
attributes.each do |name, value|
send("#{name}=", value)
end
end
def self.authenticate_by_email(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def self.authenticate_by_username(username, password)
user = find_by_username(username)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
The Flash-Notice flash[:error] = @user.username puts the new username, so I dont understand why the user isn't updated in the database.
First I thought my set_account_info-method isn't right, but I have no better idea how to check the inputs.
Secondly I changed the form_for method from default(post) to put and then to patch, but that also didn't help.
回答1:
With rails 4 attr_accessible is no longer used, instead we now have strong params. what this means is that you now need to tell the application what parameters it can update (A whitelist).
This is all done in the controller now, I will give you an example of what I do and see if it helps you in your scenario
class ExampleController < ApplicationController
def create
@object= Object.new(my_params)
if @object.save
redirect_to root_path, notice: 'Object Successfully Created'
else
render action: 'new'
end
end
def update
@object= Object.find(params[:id])
if @object.update_attributes(my_params)
redirect_to root_path, notice: 'Object updated'
else
render action: 'edit'
end
end
private
def my_params
params.require(:object).permit(:id, :title, :overview, :category_id,
nested_attributes: [:id, :gallery_id, :gallery_category_id, :photo, :_destroy])
end
来源:https://stackoverflow.com/questions/23015407/user-model-wont-update