Rails 5 Unpermitted parameter: organization -


i getting error unpermitted parameter: organization when submit sign form user. using 'auth scratch' variant, not devise. here code:

user.rb

class user < applicationrecord     belongs_to :organization     has_secure_password end

organization.rb

class organization < applicationrecord     has_many :users   has_many :tasks   accepts_nested_attributes_for :users end

users_controller.rb

class userscontroller < applicationcontroller     def new     @user = user.new     @organization = organization.new   end    def create     @user = user.new(user_params)     @user.build_organization(user_params[:organization_attributes])     if @user.save       session[:user_id] = @user.id       redirect_to root_url, notice: "thank signing up!"     else       render "new"     end   end    private     # use callbacks share common setup or constraints between actions.     def set_user       @user = user.find(params[:id])     end      # never trust parameters scary internet, allow white list through.     def user_params       params.require(:user).permit(:email, :password, :password_confirmation, :admin,         organization_attributes: :name)     end end

new.html.erb

<h1>sign up</h1>  <%= form_for @user |f| %>   <% if @user.errors.any? %>     <div class="error_messages">       <h2>form invalid</h2>       <ul>         <% @user.errors.full_messages.each |message| %>           <li><%= message %></li>         <% end %>       </ul>     </div>   <% end %>    <div class="field">     <%= f.label :email %><br />     <%= f.text_field :email %>   </div>   <div class="field">     <%= f.fields_for :organization |org| %>     <%= 'organization or company name' %><br />     <%= org.text_field :name %>     <% end %>   </div>   <div class="field">     <%= f.label :password %><br />     <%= f.password_field :password %>   </div>   <div class="field">     <%= f.label :password_confirmation %><br />     <%= f.password_field :password_confirmation %>   </div>   <div class="field">     <%= f.label :admin %><br />     <%= f.check_box :admin %>   </div>   <div class="actions"><%= f.submit "sign up" %></div> <% end %>

here peek @ console upon submission...

processing userscontroller#create html   parameters: {"utf8"=>"✓", "authenticity_token"=>"lhzxstf43pigkwmxly/fufgovnemugqymwtmkhckntmolariqbujuo/qxyuvpfxifab4qvv2sumdqa5o2gglba==", "user"=>{"email"=>"myuser@user.com", "organization"=>{"name"=>"myorg"}, "password"=>"[filtered]", "password_confirmation"=>"[filtered]", "admin"=>"0"}, "commit"=>"sign up"} unpermitted parameter: organization unpermitted parameter: organization    (0.1ms)  begin transaction   sql (0.3ms)  insert "organizations" ("created_at", "updated_at") values (?, ?)  [["created_at", 2016-07-25 15:39:56 utc], ["updated_at", 2016-07-25 15:39:56 utc]]   sql (0.1ms)  insert "users" ("email", "password_digest", "organization_id", "created_at", "updated_at") values (?, ?, ?, ?, ?)  [["email", "myuser@user.com"], ["password_digest", "$2a$10$meexo6bu9fgwmv3wovdyhel.1ighx4eedvo67qp.opmh1bjhs0z0g"], ["organization_id", 10], ["created_at", 2016-07-25 15:39:56 utc], ["updated_at", 2016-07-25 15:39:56 utc]]    (0.7ms)  commit transaction redirected http://localhost:3000/ completed 302 found in 64ms (activerecord: 1.1ms)

me thinks root of issue organization"=>{"name"=>"myorg"} when parameters submitted, should organization_attributes instead?

your guess correct, there couple other issues.

  1. change strong_params option organization_attributes mentioned.
  2. you have accepts_nested_attributes backwards. because creating user user_params, user model needs accepts_nested_attributes :organization, while organization not need (unless use elsewhere).
  3. after tweaking models, won't need explicitly build organization anymore via @user.build_organization(user_params[:organization_attributes]). line can removed.

lastly, want point out may not want allow admin flag passed through, security risk. don't know app, wanted mention it.


Comments

Post a Comment

Popular posts from this blog

jOOQ update returning clause with Oracle -

according http://www.jooq.org/doc/3.8/manual/sql-building/sql-statements/update-statement/ jooq doesn't support returning clause in update statements databases except firebird , postgres. does know, still correct oracle jooq? according oracle's documentation, oracle db supports returning clase delete, insert, or update statements. incorrect manual you're right - manual wrong , should fixed: https://github.com/jooq/jooq/issues/5470 single row update returning jooq 3.8 added support single row update .. returning statements. internally, uses callablestatement , pl/sql block of form: begin update "my_table" set "my_table"."column" = 'xyz' "my_table"."id" = 1 returning "my_table"."id", "my_table"."column" ?, ?; ? := sql%rowcount; end; the relevant issue is: https://github.com/jooq/jooq/issues/5190 multi row update returning a...
Read more

java - Warning equals/hashCode on @Data annotation lombok with inheritance -

i have entity inherits other. on other hand, i'm using lombok project reduce boilerplate code, put @data annotation. annotation @data inheritance produces next warning: generating equals/hashcode implementation without call superclass, though class not extend java.lang.object. if intentional, add '@equalsandhashcode(callsuper=false)' type. is advisable add annotation @equalsandhashcode (callsuper = true) or @equalsandhashcode (callsuper = false) ? if not added, 1 callsuper=false or callsuper=true ? the default value false . 1 if don't specify , ignore warning. yes, recommended add @equalsandhashcode annotation on @data annotated classes extend else object. cannot tell if need true or false , depends on class hierarchy, , need examined on case-by-case basis. however, project or package, can configure in lombok.config call super methods if not direct subclass of object. lombok.equalsandhashcode.callsuper = call for configuration system ...
Read more

java - BasicPathUsageException: Cannot join to attribute of basic type -

i using java 8 jpa (hibernate 5.2.1). have clause works perfectly, until introduce clause make use foreign key table values too. i getting following error: basicpathusageexception: cannot join attribute of basic type i think problem related fact have join table, , not sure how create join using join table. employee - employee_category - category model (employee.java): @manytomany(cascade = cascadetype.all, fetch=fetchtype.eager) @jointable ( name="employee_category", joincolumns={ @joincolumn(name="emp_id", referencedcolumnname="id") }, inversejoincolumns={ @joincolumn(name="cat_id", referencedcolumnname="id") } ) private set<category> categories; model (category.java): @id private string id; jpa when introduce following code, fails error above (i think problem new piece of code): join<t, category> category = from.join("id"); predicates.add(criteriabuilder.like(category....
Read more