The full error is the following:
ActiveModel::ForbiddenAttributesError in Admin::ProductsController#create
My product model only has a name and price. Why is commit a parameter? When I click the 'Create Product' button within the admin dashboard, this is the params output:
Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"6/pCeklsaik4sYF5h8+WRPddkH7wJn9ZJHd6YLaaNuc=",
"product"=>{"name"=>"Black Shirt Male",
"price"=>"25"},
"commit"=>"Create Product"}
From what I've gathered reading other Stack Overflow posts, you need to use strong parameters in Rails 4 instead of attr_accessible, which was done for me when I scaffolded the product model. In my create action in the Products controller, I have:
#product = Product.new(product_params)
And product_params is defined as:
def product_params
params.require(:product).permit(:name, :price)
end
I didn't do anything fancy when I created the model, and in my Gemfile I'm using the following as the documentation suggested for Rails 4:
gem 'stripe', :git => 'https://github.com/stripe/stripe-ruby'
Why am I getting this error when I create a new product via the Active Admin dashboard? Any input on the matter is appreciated.
Alright figured it out. I'm not sure if this is the 'correct' way but the products are being created.
in app/admin/product.rb I did:
permit_params :list, :of, :attributes, :on, :model, :name, :price
where
permit_params :list, :of, :attributes, :on, :model
was initially commented out. So I just added :name and :price
Question already answered, but I'm adding this as a helpful resource to supplement this answer:
https://github.com/activeadmin/active_admin/blob/master/docs/2-resource-customization.md#setting-up-strong-parameters
Related
I've two models: ad and variant
Model: Ad
has_one :variant
accepts_nested_attributes_for :variant
Controller AdsController strong parameters:
params.require(:ad).permit(:title, :desc, variant_attributes: [:custom_image_1, :custom_image_2, :custom_image_3])
View ads/_form.slim
= f.fields_for :variant, #ad.variant || Variant.new do |va|
- 3.times do |i|
= va.file_field "custom_image_#{i+1}"
In view I added the nested form fields using a loop. The problem is when I create any AD, that time suppose I upload only one image in variant form (custom_image_1). Now, I came back for editing and uploaded another image on the variant (custom_image_2).
After the update, I saw that my previously uploaded custom_image_1 is deleted and only custom_image_2 is present in the database.
What is the reason behind it?
I check the params while submitting the edit form. There only contains the custom_image_2 in submitted attributes.
Hope someone will find that useful:
In my strong parameters, I need to include :id to resolve this issue.
params.require(:ad).permit(:title, :desc, variant_attributes: [:id, :custom_image_1, :custom_image_2, :custom_image_3])
I have an ActiveAdmin model registered as such:
ActiveAdmin.register MyModel do
permit_params :name, :synonyms
filter :name
index do
selectable_column
column :name
actions
end
end
I noticed that when I update an object from the ActiveAdmin interface, the synonyms are getting cleared out. Synonyms are an array field defined as such in the PostgreSQL database:
synonyms text[] DEFAULT '{}'::text[]
I tried putting the following in app/admin/my_model.rb:
controller do
def update
permitted_params[:my_model][:synonyms] = JSON.parse permitted_params[:my_model][:synonyms]
super
end
end
and I also tried it with params instead of permitted_params but that doesn't work either. Not sure why ActiveAdmin would be discarding this field. Am I doing something incorrectly? The project I'm working with uses ActiveAdmin 1.0.0.pre4 (I realize this is a dated version).
Any advice would be much appreciated. Thanks in advance!
Notes: Seems this might be a common issue?
I'm not sure if this is applicable to string arrays and I don't know about that specific version of Activeadmin, but I encountered this issue in a slightly different context.
I had a model where the array data types were decimals & integers. I had to explicitly state the type of form input to be used when editing / updating the record or nothing was passed back from the field with the update parameters. Activeadmin chose a number input by default, but it needed to be processed as a string.
form do |f|
f.inputs do
f.input :ages, as :string, :input_html => {:maxlength => '100'}
end
end
I had to set maxlength manually because for some reason it was automatically being set very short. In the model, the string then has to be converted into an actual array before being saved.
def ages= items
if items.is_a? String
items = items.split(' ')
items.each do |i|
i.to_i
end
end
super items
end
I really can't get my head around Rails 4 strong parameters, belongs_to association and form with fields_for.
Imagine I have model for quoting some price:
class Quote < ActiveRecord::Base
belongs_to :fee
accepts_nested_attributes_for :fee
Now, I have seeded some fees into the db, and have put some radiobuttons on my form_for #quote using fields_for. The values of the radiobuttons are simply ids of the records.
Here is the troubling part, the controller:
def create
#quote = Quote.new(quote_params)
...
end
def quote_params
params.require(:quote).permit(:amount_from, fee_attributes: [:id])
end
From my understanding, automagically Rails should fetch fee record with some id, but there is some mystic error instead.
params hash is: "quote"=>{"amount_from"=>"1200", "fee_attributes"=>{"id"=>"1"}}
Log tail:
Completed 404 Not Found in 264ms
ActiveRecord::RecordNotFound (Couldn't find Fee with ID=1 for Quote with ID=)
app/controllers/quotes_controller.rb:14:in `create'
I really don't understand what is going on here, have read Rails association guide, googled for hour for all info, but to no avail.
What I want to achieve here is to understand the correct "Rails way" to fetch some associations for new Quote object using some params I've put in the form.
Guess I got nested_attributes_for wrong, somehow thought it would call Fee.find automagically.
I've opted for ditching fields_for helpers from the form and rendering fields manually like
radio_button_tag 'fee[id]', fee.id
Then in controller I have 2 params methods now:
def quote_params
params.require(:quote).permit(:amount_from)
end
def fee_params
params.require(:fee).permit(:id)
end
And my action looks like
def create
#quote = Quote.new(quote_params)
#quote.fee = Fee.find(fee_params[:id])
...
Any additions on best practices when one has to handle lots of different objects with not so straight init logic are welcome.
I have the following models
class User::ActiveAdmin::Partner < User::ActiveAdmin::Base
embeds_many :bonuses, class_name: 'User::Bonus'
end
and
class User::Bonus
include Mongoid::Document
embedded_in :partner, class_name: 'User::ActiveAdmin::Partner'
end
and then I register Bonuses in Active Admin
ActiveAdmin.register User::Bonus, as: 'Bonuses' do
config.filters = false
permit_params :number, :order_id
controller do
def scoped_collection
if current_admin_user.is_a? User::ActiveAdmin::Partner
current_admin_user.bonuses.page(params[:page]).per(10)
else
super
end
end
end
the collection is not empty (I have created a couple of bonuses), but in ActiveAdmin index page I see, that there are NO BONUSES. And nothing I can do to make it displayed properly. I have noticed, that User::Bonus table is empty, even if a partner does have any, but as I know, this is the way it works, and this is OK. So how can I make my table to be displayed? Thanks.
The problem in method ActiveAdmin::Helpers::Collection#collection_size. You are using old version of activeadmin-mongoid. Try update activeadmin-mongoid.
In rails4 branch, collection_size isn't correct. You should override this method in your app like here: https://github.com/elia/activeadmin-mongoid/blob/master/lib/active_admin/mongoid/helpers/collection.rb
I have recently added a field "tag" to my blog app built in Rails 4. Below you can see the field appearing in the Edit view:
But once I return to the Show view after editing, this does not appear:
When I check the database directly I can definitely see it exists:
sqlite> PRAGMA table_info(POSTS);
0|id|INTEGER|1||1
1|title|varchar(255)|0||0
2|body|text|0||0
3|created_at|datetime|0||0
4|updated_at|datetime|0||0
5|slug|varchar(255)|0||0
6|tag|varchar(255)|0||0
Can anyone suggest what is going on or how to troubleshoot this?
Rails 4 uses strong parameters by default. This means you have to explicitly whitelist params you wish to mass assign.
When adding a new attribute to a model, you have to remember to update the permitted params in you controller.
For example, in your case, you would need to make sure :tags are added like so:
class PostController < ActionController::Base
def update
post = Post.find(params[:id])
post.update(post_params)
redirect_to post
end
private
def post_params
params.require(:post).permit(:title, :body, :tag)
end
end