7

I've been using strong_params and trying to get a object create to pass. I have two questions.

  1. How do you find out which attribute is causing the issue?
  2. What am I missing in the code below?

Lets start with the error, the log tells me nothing.

ActiveModel::ForbiddenAttributesError in JobsController#create

Just for giggles, here is the log which I don't see very useful:

Started POST "/jobs" for 127.0.0.1 at 2013-12-17 22:03:59 +0000
Processing by JobsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"Ohq4lVqPVMpjzbZwCfJNYBL78TAcoC0WZLSmpCzMD3k=", "job"=>{"job_title"=>"Junior Rails Developer", "job_description"=>"A new position getig nsomethfins lansnana", "languages"=>["", "Rails", "Ruby"], "country_code"=>"AO", "job_type"=>"Full-Time", "job_salary"=>"30000", "job_level"=>"Junior"}, "commit"=>"Create Job"}
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 1 ORDER BY "users"."id" ASC LIMIT 1
Completed 500 Internal Server Error in 8ms

ActiveModel::ForbiddenAttributesError (ActiveModel::ForbiddenAttributesError):

Makes sense, but then if I look at my create:

def create
    binding.pry
    @job = Job.new(job_params)

    respond_to do |format|
      if @job.save
        format.html { redirect_to @job, notice: 'Job was successfully created.' }
        format.json { render action: 'show', status: :created, location: @job }
      else
        format.html { render action: 'new' }
        format.json { render json: @job.errors, status: :unprocessable_entity }
      end
    end
  end

Strong_params:

 def job_params
      params.require(:job).permit(:job_title, :job_level, :job_description, :job_salary,
                                  :country_code, :job_type, :state, :languages => [])
    end

I am mainly interested in finding how to find out where the problem is for future as it's seems like a needle in haystack error.

Shaun Frost Duke Jackson
  • 1,256
  • 1
  • 10
  • 22

3 Answers3

2

In your log file it shows the parameters the app is getting from the create:

Parameters: {"utf8"=>"✓", "authenticity_token"=>"Ohq4lVqPVMpjzbZwCfJNYBL78TAcoC0WZLSmpCzMD3k=", "job"=>{"job_title"=>"Junior Rails Developer", "job_description"=>"A new position getig nsomethfins lansnana", "languages"=>["", "Rails", "Ruby"], "country_code"=>"AO", "job_type"=>"Full-Time", "job_salary"=>"30000", "job_level"=>"Junior"}, "commit"=>"Create Job"}

You need to first make sure each parameter is listed in your strong params definition. Then make sure each parameter is the right type.

:parameter          #accepts a single entry
:parameter => []    #accepts a hash
:paramters_attributes: [:firstattribute, :secondattribute]  #accepts nested parameters

Your languages parameter is showing as a hash in your log, but you only have :languages in your permitted parameters. Changing the parameter to accept hashes should solve the issue.

:languages => []

Also this blog post is helpful by showing some strong parameters by example: http://blog.sensible.io/2013/08/17/strong-parameters-by-example.html

ChrisBarthol
  • 4,871
  • 2
  • 21
  • 24
  • Server restarted tried using Permitted Scalar Values but still get the same error, this is the only error I have generally encountered in Rails that doesn't give you amazing feedback. Any idea how else I can find the error. – Shaun Frost Duke Jackson Dec 17 '13 at 23:23
  • Yep I am using rails 4 – Shaun Frost Duke Jackson Dec 18 '13 at 00:36
  • My guess is the error isn't in the code you provided. You could also look at https://github.com/rails/strong_parameters for info. As a super last resort you could use `params.require(:job).permit!` but that will mass assign all current and future attributes. – ChrisBarthol Dec 18 '13 at 19:00
  • ChrisBarthol - I'm running into the same issue. Let's say the problem was that he mistyped job_title as 'joo_title'. How would one go about extracting that error message from the ForbiddenAttributesError? – nimblegorilla Feb 03 '14 at 22:55
  • You wouldn't get the same error. If you did that, and you are trying to assign a value to job_title you would get an error in your log file that says: Unpermitted parameters: job_title. The above error comes from trying to assign the incorrect type of parameter i.e. hash vs single variable. You might also get it from doing this:http://stackoverflow.com/questions/17868427/rails-4-activemodelforbiddenattributeserror – ChrisBarthol Feb 04 '14 at 00:01
1

It probably doesn't apply in this case but I have had the type of problem with Rails 4, but only with the create action. Looking through the full stack trace in teh development log showed some references to CanCan and the ability model which I've used for access control.

I started off using the load_and_authorize_resource as recommended at the top of the controller, but when I removed it and just permissioned each action 'long hand', the problem with the parameters disappeared.

RubyNewby
  • 11
  • 2
0

This error is raised when you try to mass-assign a parameter hash that contains unpermitted keys. Your job_params method returns a hash containing only the key/values specified in the permit call so everything should be fine...

Are you sure that the error happens in the posted code segment? The only possible location would be the line @job = Job.new(job_params), is this line mentioned in the backtrace? If not, could you please post the complete backtrace? Because the error then must happen in a filter or observer or something like that...

severin
  • 10,148
  • 1
  • 39
  • 40