ForbiddenAttributesError ruby on rails

Question

I have this model in Ruby but it throws a ActiveModel::ForbiddenAttributesError

class User < ActiveRecord::Base
def self.from_omniauth(auth)
    where(auth.slice("uid", "nickname", "image")).first ||  create_from_omniauth(auth)
end

def self.create_from_omniauth(auth)
    create! do |user|
        user.uid = auth["uid"]
        user.name = auth["info"]["nickname"]
        user.image = auth["info"]["image"]
    end
  end
end

when i run this action

def auth_callback
  user = User.from_omniauth(env["omniauth.auth"])
session[:user_id] = user.id
redirect_to root_url, notice: "signed in!"

end
end

on ruby 2.2.1p85 (2015-02-26 revision 49769) [x86_64-linux]

Can you please tell me how to get rid of this error?

Thanks in advance.

I don't know if this [issue](https://github.com/plataformatec/devise/issues/3157) is related to this. — JuanM., Feb 09 '16 at 20:07

score 1 · Accepted Answer · edited May 23 '17 at 12:07

I think that the slice method it no longer available to bypass strong parameters. Try this code, which tries to be more specific for auth options:

def self.from_omniauth(auth)
  where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
    user.provider = auth.provider 
    user.uid      = auth.uid
    user.name     = auth.info.name
    user.save
  end
end

You may probably need to use auth[:provider] instead of auth.provider. Let me know in the comments if this works for you. You can also browse this question that helped me out.

ForbiddenAttributesError ruby on rails

1 Answers1