Rails 5 Nested attributes "Unpermitted parameter" - Whitelisted

Question

Error: Unpermitted parameter: properties

I'm whitelisting the properties{} in the request_controller.rb This usually works but not this time.

I'm not been able to save some of the data entered in a form. The 3 fields that are not saving are coming from a dynamic form "request_type". I followed Rails Cast episode 403 for this solution, which I have working well in another project but not in this one.

Source: http://railscasts.com/episodes/403-dynamic-forms

Sorry if this is a duplicate question, but I've looked at several other questions and I can't pin-point what I'm doing wrong here

I've researched several questions here, but I'm still not able to get it to work:
Rails 4 Nested Attributes Unpermitted Parameters
Nested attributes - Unpermitted parameters Rails 4

I'm omitting some stuff to make it easier to read the code. Please ask me if you need to see more.

Here's the log:

Processing by RequestsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"8EASewOIxY58b+SU+dxd2YAfpjt38IdwNSju69RPwl/OKfx3AfmvLav79igj8CqPbDwi0eJAwojRbtm+C9F6wg==", "request"=>{"name"=>"asdasddaa", "due_date(1i)"=>"2016", "due_date(2i)"=>"9", "due_date(3i)"=>"15", "user_id"=>"1", "project_id"=>"1", "request_type_id"=>"2", "properties"=>{"Name and last name"=>"asdasd", "Mobile"=>"asdada", "Office tel."=>"asdadas"}}, "commit"=>"Create Request"}
Unpermitted parameter: properties

Update

If I change the request_params to this:

def request_params
  params.require(:request).permit(:name, :due_date, :group_id, :user_id, :project_id, :request_type_id, properties:{} ).tap do |whitelisted|
    whitelisted[:properties] = params[:request][:properties]
  end
end

See: properties:{}

I get this Error:

Unpermitted parameters: Name and last name, Mobile, Office tel.

request_controller.rb

  def new
    @request = Request.new
    @request_type = RequestType.find(params[:request_type_id])
    @project = @request_type.project.id
  end

  def create
    @request = Request.new(request_params)

    respond_to do |format|
      if @request.save
        format.html { redirect_to @request, notice: 'Request was successfully created.' }
        format.json { render :show, status: :created, location: @request }
      else
        format.html { render :new }
        format.json { render json: @request.errors, status: :unprocessable_entity }
      end
    end
  end

    def request_params
      params.require(:request).permit(:name, :due_date, :group_id, :user_id, :project_id, :request_type_id, :properties).tap do |whitelisted|
        whitelisted[:properties] = params[:request][:properties]

      end
    end

request_types_controller.rb

  def new
    @request_type = RequestType.new
    @project = Project.find(params[:project])
  end

  def create
    @request_type = RequestType.new(request_type_params)

    respond_to do |format|
      if @request_type.save
        format.html { redirect_to @request_type, notice: 'Request type was successfully created.' }
        format.json { render :show, status: :created, location: @request_type }
      else
        format.html { render :new }
        format.json { render json: @request_type.errors, status: :unprocessable_entity }
      end
    end
  end

  def update
    respond_to do |format|
      if @request_type.update(request_type_params)
        format.html { redirect_to @request_type, notice: 'Request type was successfully updated.' }
        format.json { render :show, status: :ok, location: @request_type }
      else
        format.html { render :edit }
        format.json { render json: @request_type.errors, status: :unprocessable_entity }
      end
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_request_type
      @request_type = RequestType.find(params[:id])
    end


    def request_type_params
      params.require(:request_type).permit(:name, :project_id, properties:{}, fields_attributes: [:name, :field_type, :required, :id, :_destroy])
      # params.require(:product_type).permit(:name, :product_type_id)      
    end

models/request.rb

class Request < ApplicationRecord
  belongs_to :group
  belongs_to :user
  belongs_to :project
  belongs_to :request_type
  serialize :properties, Hash
end

models/request_type.rb

class RequestType < ApplicationRecord
  belongs_to :project
  has_many :fields, class_name: "RequestField"
  accepts_nested_attributes_for :fields, allow_destroy: true
  has_many :requests

end

models/request_field.rb

class RequestField < ApplicationRecord
  belongs_to :request_type
end

views/requests/new.html.erb

<%= form_for @request do |f| %>

  <%= f.fields_for :properties, OpenStruct.new(@request.properties) do |builder| %>
    <% @request_type.fields.each do |field| %>
      <%= render "requests/fields/#{field.field_type}", field: field, f: builder %>
    <% end %>
  <% end %>            


  <div class="actions">
    <%= f.submit class:"btn btn-primary" %>
  </div>
<% end %>

Answer 1

Try removing :properties from your request_params in your request_controller like this:

def request_params
  params.require(:request).permit(:name, :due_date, :group_id, :user_id, :project_id, :request_type_id).tap do |whitelisted|
    whitelisted[:properties] = params[:request][:properties]
end

EDIT

def request_params
  params.require(:request).permit(:id, :name, :due_date, :group_id, :user_id, :project_id, :request_type_id)
  params.require(:properties).permit!
end!