在 Rails 3 项目中对我的 Controller 代码运行功能测试时,出现 fatal error ; params 变量包含 controller 和 action,ActiveModel 对此不满意:
ActiveModel::MassAssignmentSecurity::Error: Can't mass-assign protected attributes: controller, action
/Users/phooze/.rvm/gems/ruby-1.9.3-p0/gems/activemodel-3.2.1/lib/active_model/mass_assignment_security/sanitizer.rb:48:in `process_removed_attributes'
/Users/phooze/.rvm/gems/ruby-1.9.3-p0/gems/activemodel-3.2.1/lib/active_model/mass_assignment_security/sanitizer.rb:20:in `debug_protected_attribute_removal'
/Users/phooze/.rvm/gems/ruby-1.9.3-p0/gems/activemodel-3.2.1/lib/active_model/mass_assignment_security/sanitizer.rb:12:in `sanitize'
/Users/phooze/.rvm/gems/ruby-1.9.3-p0/gems/activemodel-3.2.1/lib/active_model/mass_assignment_security.rb:228:in `sanitize_for_mass_assignment'
/Users/phooze/.rvm/gems/ruby-1.9.3-p0/gems/activerecord-3.2.1/lib/active_record/attribute_assignment.rb:75:in `assign_attributes'
/Users/phooze/.rvm/gems/ruby-1.9.3-p0/gems/activerecord-3.2.1/lib/active_record/base.rb:495:in `initialize'
/Users/phooze/Documents/rails-app/app/controllers/credentials_controller.rb:40:in `new'
应用程序调用的是"new"方法(发生错误的地方),代码是:
# Credential#create (POST)
def create
@credential = Credential.new(params)
# ... controller continues
end
最后,我的测试用例:
test "should create credential" do
assert_difference('Credential.count', 1) do
post :create, { :fid => "foobarbaz", :credentials_hash => "f00ba7f00ba7", :uid => "10023", :cid => "342" }
end
assert_response :created
end
将我的 Controller 代码更改为仅包含 fid、credentials_hash、uid 和 cid 的“单独”参数哈希使其工作。我很确定 Rails 正在努力变得“友善”并为我提供额外的测试值(value),但它似乎会导致问题。
关于如何解决这个问题有什么建议吗?
最佳答案
看起来你已经设置了 config.active_record.mass_assignment_sanitizer = :strict
仅在您的测试环境中,而不是在开发或生产环境中,因为 params 在任何环境中始终包含 controller 和 action。
我认为这里的最佳实践建议是始终使用 form_for,这样您就可以在 params[:credential] 中拥有您的凭据,或者,实际上,执行 params.slice(:fid, :uid, etc)。
关于ruby-on-rails-3 - Rails 3 功能测试 : Can't mass-assign protected attributes: controller, 操作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9460042/