associations - how to set foreign key through the controller in rails? -
i've got address form nested user form cant foreign key fill. i've seen people suggest using hidden field, seems bad idea security standpoint. how set foreign key using controller? right i'm getting address user can't blank error when try submit
mvc below
user\new.html.erb
<div> <%= form_for(@user) |f| %> <%= render 'shared/error_messages' %> <%= f.label :rank %> <%= f.text_field :rank %> <%= f.label :firstname, "first name" %> <%= f.text_field :firstname %> <%= f.label :lastname, "last name" %> <%= f.text_field :lastname %> <%= f.label :middleinitial, "middle initial" %> <%= f.text_field :middleinitial %> <%= fields_for :address |a| %> <%= a.label :address %> <%= a.text_field :address %> <%= a.label :city %> <%= a.text_field :city %> <%= a.label :state %> <%= a.text_field :state %> <%= a.label :zip, "zip code" %> <%= a.text_field :zip %> <% end %> <%= f.label :email %> <%= f.text_field :email %> <%= f.label :dateofbirth, "date of birth" %> <%= f.text_field :dateofbirth %> <%= f.label :mos, "mos" %> <%= f.text_field :mos %> <%= f.label :ets_pcsdate, "ets/pcs date" %> <%= f.text_field :ets_pcsdate %> <%= f.label :phonenum, "phone number" %> <%= f.text_field :phonenum %> <%= f.label :password %> <%= f.text_field :password %> <%= f.label :password_confirmation, "confirmation" %> <%= f.text_field :password_confirmation %> <%= f.submit "sign up" %> <% end %> </div> <h1>users#new</h1> <p>find me in app/views/users/new.html.erb</p> models
user
class user < activerecord::base attr_accessible :mos, :dateofbirth, :ets_pcsdate, :firstname, :lastname, :middleinitial, :phonenum, :rank, :email, :password, :password_confirmation has_secure_password has_one :address, dependent: :destroy accepts_nested_attributes_for :address before_save { |user| user.email = email.downcase } before_save :create_remember_token validates :rank, presence: true validates :firstname, presence: true, length: { maximum: 15 } validates :lastname, presence: true, length: { maximum: 20 } validates :middleinitial, presence: true, length: { maximum: 1 } valid_email_regex = /\a[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i validates :email, presence: true, format: { with: valid_email_regex }, uniqueness: { case_sensitive: false } validates :dateofbirth, presence: true validates :mos, presence: true validates :ets_pcsdate, presence: true validates :phonenum, presence: true validates :password, length: { minimum: 6 } validates :password_confirmation, presence: true private def create_remember_token self.remember_token = securerandom.urlsafe_base64 end end address
class address < activerecord::base attr_accessible :address, :city, :state, :zip belongs_to :user validates :address, presence: :true validates :city, presence: :true validates :state, presence: :true validates :zip, presence: true validates :user_id, presence: true end controller
class userscontroller < applicationcontroller before_filter :signed_in_user, only: [:index, :edit, :update, :show, :destory] before_filter :correct_user, only:[:edit, :update] before_filter :admin_user, only: :destroy def new @user = user.new @user.address.build end def create @user = user.new(params[:user]) @address = @user.build_address(params[:address]) if @user.save sign_in @user flash[:success] = "welcome b troop!" redirect_to @user else render 'new' end end def show @user = user.find(params[:id]) end def index @users = user.paginate(page: params[:page]) end def edit end def update if @user.update_attributes(params[:user]) flash[:success] = "profile updated" sign_in @user redirect_to @user else render 'edit' end end def destroy user.find(params[:id]).destroy flash[:success] = "user removed" redirect_to users_path end private def signed_in_user unless signed_in? store_location redirect_to root_path, notice: "please sign in." end end def correct_user @user = user.find(params[:id]) redirect_to(root_path) unless current_user?(@user) end def admin_user redirect_to(root_path) unless current_user.admin? end end
removing user_id validation did trick.
Comments
Post a Comment