I'm fairly new to Rails and can't find any information on exactly how to do this.
Currently, users create items by filling in a form with URL, Title, Content, etc.
#resource = Resource.new(resource_params)
.
.
.
def resource_params
params.require(:resource).permit(:title, :url, :content, :name, :tags_as_string)
end
I want users to be able to input only the URL, and generate the input for the rest of the parameters using the MetaInspector gem (https://github.com/jaimeiniesta/metainspector), but then be able to go back to the created item and edit its content manually.
Can somebody point me in the right direction? I have a feeling I need to create some kind of helper method, but this is the real first programming I've encountered in my project.
To prevent users from passing value of any field except url, you will need to remove all fields but url from your new resource form.
app/views/resources/new.html.erb
<%= form_for(#resource) do |f| %>
<%= f.text_field :url %>
<% end %>
And in your controller action create, permit only :url in params.
app/controllers/resources_controller.rb
def create
#resource = Resource.new(params.require(:resource).permit(:url))
# Set other attributes using `metainspector`. See documentation for usage.
if #resource.save
redirect_to resources_path
else
render :new
end
end
You can have a separate form (with all the fields) for editing a resource manually and a different set of permitted params for update action.
app/views/resources/edit.html.erb
<%= form_for(#resource) do |f| %>
<%= f.text_field :url %>
<%= f.text_field :title %>
<%= f.text_field :content %>
<!-- Add other editable fields here -->
<% end %>
app/controllers/resources_controller.rb
before_action :fetch_resource, only: [:edit, :update]
def update
if #resource.update_attributes(resource_params)
redirect_to resources_path
else
render :edit
end
end
private
def fetch_resource
# Fetch `Resource` instance from database. Homework for you.
end
def resource_params
params.require(:resource).permit(:title, :url, :content, :name, :tags_as_string)
end
Note: This code is not tested. It is just to give you hints on how you should proceed. You might have to change some method/field names to make them suit your application.
Related
I have created a controller called insert. Which is defined like this
class InsertController < ApplicationController
def create
end
def show
render plain: params[:insert].inspect
end
end
My create.html.erb file is defined like this
<%= form_for :insert, url: '/insert/show' do |f| %>
<%= f.text_field :fname, placeholder: "Enter First Name" %><br />
<%= f.text_field :lname, placeholder: "Enter Last Name" %><br />
<%= f.submit "Login"%>
<% end %>
routes.rb is as follows
Rails.application.routes.draw do
get '' => 'greeter#hello'
get 'new' => 'insert#create'
post 'insert/show' => 'insert#show'
end
When I am entering the form below
I am having this output
Till now no issues. But I want to render the output like this
What is the way to access those hash key-value pair?
I have seen examples where they are first storing these data to database and then from database they are fetching these. Is it possible to show these value like my intended output?
You can create show.html.erb file
<%= debug(params) %>
And change your show action to just empty method
def show
end
debug method will display params hash with more human readable way.
I'm working on a dynamic form in a Rails app, and I need to insert a variable number of records into a model in a single form submission. I've done this using PHP -> MySQL/Postgres before, but I have no idea how to do it in Rails.
Ultimately, users should be able to create any number of records to be inserted, but in my example below, I'm limiting it to 2... let me see if I can do that, first...
Here's the form - the ids all get a unique suffix because they are being populated dynamically from localStorage objects on submission.
new.html.erb
<%= form_for #entry, html: {id: :new_entry_form} do |f| %>
<% for i in 0..1 %>
<%= f.text_field :name, :id => 'name_#{i}' %>
<%= f.text_field :day, :id => 'day_#{i}' %>
<% end %>
<% end %>
Here's the associated controller - I'm sure that this is missing something, but I don't know what.
def new
#entry = Entry.new
end
def create
#entry = Entry.create(entry_params)
redirect_to "http://localhost:3000/entries"
end
private
def entry_params
params.require(:entry).permit(:name, :day)
end
Any help would be much appreciated.
Follow this link it shows how to create multiple object in one form submit:
http://vicfriedman.github.io/blog/2015/07/18/create-multiple-objects-from-single-form-in-rails/
I have tried to create a mailer using the following code:
routes code
resources :listings do
member do
put :lead
end
end
mailer controller code
def lead(listing)
#listing = listing
mail(to: #listing.leadrecepient, subject: "test")
end
standard controller code
def lead
Enquiry.lead(#listing).deliver
end
view
<%= form_for lead_listing_path(#listing), method: :put do |listing| %>
<%= listing.text_field :name %>
<%= listing.submit %>
<% end %>
In the context of a business directory, I want it so that there is a enquiry form on each listing page that when filled out and submitted, the information is sent to the relative listing email.
The problem however is that when I type into the form and click submit, I get the following error:
param is missing or the value is empty: listing
This seems to be because I have it in the "listing" controller which controls the showing and creation of the business listing itself. I therefore have strong params for a new listing which contains all the new listing variables:
def listing_params
params.require(:listing).permit(:fullname, :jobtitle, :email, :franchisename, :leadrecepint, :shortdescription, :longdescription, :website, :branchcount, :scale, :mininvestment, :investmentrange, :category, :hexbg, :logourl, :facebook, :twitter, :linkedin, :googleplus, :approved)
end
How do I go about fixing this? I'm a beginner if I'm honest, could really do with some help to get this mailer working! Thanks.
Strong params are for when you are submitting new resources or modifications to resources. To protect against people adding extra parameters that may circumvent security or other aspects of your application unexpectedly.
If you are adding an action to an existing resource that the user is authorized to access, which this appears to be, you want to just find the object by ID, and use it. So instead of finding it using the params filtered through listing_params, just find it like this in the controller:
def lead
listing = Listing.find(params[:id])
Enquiry.lead(listing).deliver
redirect_to listing
end
And invoke it using a simple link, instead of this:
<%= form_for lead_listing_path(#listing), method: :put do |listing| %>
<%= listing.text_field :name %>
<%= listing.submit %>
<% end %>
Just use this in your view:
= link_to 'Go!', lead_listing_path(#listing), method: :put
Nothing more to it.
I am making one of my first rails apps from scratch and cannot figure out what is going on. Whenever I try to create a new instance, it saves multiple instances of the item. I am trying to make tasks, and each time I create a new instance it saves 7 times, and then gives me an error page saying no data received. I tried adding a uniqueness validator for the model, but that would save the first instance then return me to root path. This is what I have:
Task Controller:
class TasksController < ApplicationController
def index
#tasks = Task.all
end
def create
#task = Task.new(task_params)
if #task.save
redirect_to 'tasks'
else
redirect_to root_path
end
end
private
def task_params
params.require(:task).permit(:title, :category, :difficulty)
end
end
Here is the form I am using, perhaps that is the problem?
<div id='task_form'>
<%= form_for :task do |f| %>
<%= f.label :title %>
<%= f.text_field :title%>
<%= f.label :category %>
<%= f.text_field :category%>
<%= f.label :difficulty %>
<%= f.text_field :difficulty%>
<%= f.submit %>
<% end %>
</div>
Thanks if anyone knows what this is or has experienced it before
Do this:
#app/controllers/tasks_controller.rb
def new
#task = Task.new
end
#app/views/tasks/new.html.erb
<%= form_for #task do |f| %>
--
Problem
I frankly don't know why you're getting multiple submits, but I can see one of the issues you have is you're using a symbol in place of an instance variable.
This wouldn't normally be an issue, but as you're experiencing these problems, I would certainly use an instance variable in the form. (if only to test).
This does several important things:
Using an #instance var creates an ActiveRecord object for your form
The use of an ActiveRecord object gives rails a definite structure for the object
By saving the object, Rails is able to populate the appropriate attributes etc
I would certainly try the above code, but there may be other issues at work here if your form is submitting 7 times.
I have a user model with :name and :is_admin attributes. You should not change is_admin value. If you write a form in which any user may edit their name:
<%= form_for #user %>
<%= f.label :given_name %>
<%= f.text_field :given_name %>
<%= f.submit "Update" %>
<% end %>
Are you opening up a security hole?
Kind regards,
No.
This is because parameters are protected when they come into the controller by the strong parameters feature within Rails. In controllers now you define a create action like this:
def create
#user = User.new(user_params)
...
end
That user_params method looks like this:
def user_params
params.require(:user).permit(:name)
end
This code will permit the name parameter from the user parameters and outright reject everything else.
This is talked about in this section of the Getting Started guide.