How can I fix a ActiveModel::ForbiddenAttributesError in rails

Question

My app I am building uses, Activeadmin for a back-end interface.

I currently use this for easy production for my clients to add simple things into the back-end like products etc.

I have set up using rails 4 and the activeadmin rails 4 compatible version.

When I go to add a new band in the back-end I get this error:

ActiveModel::ForbiddenAttributesError in Admin::BandsController#create
ActiveModel::ForbiddenAttributesError

Request

Parameters:

{"utf8"=>"✓",
 "authenticity_token"=>"YnzHk2juyZ6W2kVS5ZVPCimoj7LSHRI1Oen4BHjaqfc=",
 "bands"=>{"title"=>"Kings of Leon",
 "picture"=>"blank"},
 "commit"=>"Create Bands"}

I know that this is to do with the creation of a new item in the backend but I am unsure where to start from fixing this bug.

Any help would be great,

Thanks

Answer 1

Just add the following line to your app/admin/brand.rb

permit_params :title, :picture

and then restart your server.

Answer 2

I've just met that error and I've found the way to fix it already.

Solution: clarify permit syntax for params in controller, this is new in Rails 4 and very easy to make mistakes.

For example, these code will take the error (apply permit to the params then use the origin params):

params.require(:seller).permit(:company, :phone)
@seller.update_attributes(params[seller])

To fix it, replace them with:

@seller.update_attributes(params.require(:seller).permit(:company, :phone))

... or reuse the permitted params (recommended solution):

new_attributes = params.require(:seller).permit(:company, :phone)
@seller.update_attributes(new_attributes)

Hope it could help you.