I get ActiveModel::ForbiddenAttributesError with Active Admin and Devise

限于喜欢 提交于 2019-12-24 07:19:32

问题


I'm working on an app where I'm using Active Admin and Devise. I have modified both User and Admin Users table (via migration) to allow both models use one signing in process using Device instead of Active Admin. As 'super user' Admin can Sign In and access Admin Active. And application users wouldn't access Admin Active.

The problem I'm face happens when I attempt to create a new user or Admin. I get the following error:

ActiveModel::ForbiddenAttributesError in Admin::UsersController#create 

It seems like simple but I can't see it. Here is the code:

Schema.rb

ActiveRecord::Schema.define(version: 20140721134754) do

  create_table "active_admin_comments", force: true do |t|
    t.string   "namespace"
    t.text     "body"
    t.string   "resource_id",   null: false
    t.string   "resource_type", null: false
    t.integer  "author_id"
    t.string   "author_type"
    t.datetime "created_at"
    t.datetime "updated_at"
  end

  add_index "active_admin_comments", ["author_type", "author_id"], name: "index_active_admin_comments_on_author_type_and_author_id"
  add_index "active_admin_comments", ["namespace"], name: "index_active_admin_comments_on_namespace"
  add_index "active_admin_comments", ["resource_type", "resource_id"], name: "index_active_admin_comments_on_resource_type_and_resource_id"

  create_table "admin_users", force: true do |t|
    t.string   "email",                  default: "", null: false
    t.string   "encrypted_password",     default: "", null: false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",          default: 0,  null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string   "current_sign_in_ip"
    t.string   "last_sign_in_ip"
    t.datetime "created_at"
    t.datetime "updated_at"
  end

  add_index "admin_users", ["email"], name: "index_admin_users_on_email", unique: true
  add_index "admin_users", ["reset_password_token"], name: "index_admin_users_on_reset_password_token", unique: true

  create_table "users", force: true do |t|
    t.string   "email",                  default: "",    null: false
    t.string   "encrypted_password",     default: "",    null: false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",          default: 0,     null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string   "current_sign_in_ip"
    t.string   "last_sign_in_ip"
    t.datetime "created_at"
    t.datetime "updated_at"
    t.boolean  "superadmin",             default: false, null: false
  end

  add_index "users", ["email"], name: "index_users_on_email", unique: true
  add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true

end

app/admin.user.rb

The problem happens with 3rd line with create_or_edit >> @user.attributes = params[:user].delete_if do |k, v|

ActiveAdmin.register User do

  def registration_params
    params.require(:user).permit(:email, :password, :password_confirmation, :superadmin)
  end

  index do
    column :email
    column :current_sign_in_at
    column :last_sign_in_at
    column :sign_in_count
    actions
  end

  form do |f|
    f.inputs "User Details" do
      f.input :email
      f.input :password
      f.input :password_confirmation
      f.input :superadmin, :label => "Super Administrator"
    end
    f.actions
  end

  create_or_edit = Proc.new {
    @user            = User.where(id: params[:id]).first_or_create
    @user.superadmin = params[:user][:superadmin]
    @user.attributes = params[:user].delete_if do |k, v|
      (k == "superadmin") ||
      (["password", "password_confirmation"].include?(k) && v.empty? && !@user.new_record?)
    end
    if @user.save
      redirect_to :action => :show, :id => @user.id
    else
      render active_admin_template((@user.new_record? ? 'new' : 'edit') + '.html.erb')
    end
  }
  member_action :create, :method => :post, &create_or_edit
  member_action :update, :method => :put, &create_or_edit
end

As you see I had added attempt to solve this issue but it doesn't work.

  def registration_params
    params.require(:user).permit(:email, :password, :password_confirmation, :superadmin)
  end

Also I tried following solution for ApplicationController but still get same error message.

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:email, :password, :password_confirmation, :superadmin, :remember_me)}
  end

What am I missing here.!?

UPDATE...

Error message

ActiveModel::ForbiddenAttributesError in Admin::UsersController#create
ActiveModel::ForbiddenAttributesError

Error occured @line 25

app/admin/user.rb

22  create_or_edit = Proc.new {
23    @user            = User.where(:id => params[:id]).first || User.new
24    @user.superadmin = params[:user][:superadmin]
*25    @user.attributes = params[:user].delete_if do |k, v|*
26      (k == "superadmin") ||
27      (["password", "password_confirmation"].include?(k) && v.empty? && !@user.new_record?)
28    end
29    if @user.save
30      redirect_to :action => :show, :id => @user.id

Request parameters

{"utf8"=>"✓", "authenticity_token" => "Gd5oS423984792834729384729847293847JFxGY8o=", "user"=>{ "email"=>"person@site.com", "password"=>"password", "password_confirmation"=>"password", "superadmin"=>"0" }, "commit"=>"Create User", "action"=>"create", "controller"=> "admin/users" }

Full Trace

activemodel (4.1.0) lib/active_model/forbidden_attributes_protection.rb:21:in `sanitize_for_mass_assignment'
activerecord (4.1.0) lib/active_record/attribute_assignment.rb:24:in `assign_attributes'
app/admin/user.rb:27:in `block (2 levels) in <top (required)>'
actionpack (4.1.0) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
actionpack (4.1.0) lib/abstract_controller/base.rb:189:in `process_action'
actionpack (4.1.0) lib/action_controller/metal/rendering.rb:10:in `process_action'
actionpack (4.1.0) lib/abstract_controller/callbacks.rb:20:in `block in process_action'
activesupport (4.1.0) lib/active_support/callbacks.rb:113:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:113:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:229:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:229:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:229:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:229:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.0) lib/active_support/callbacks.rb:86:in `call'
activesupport (4.1.0) lib/active_support/callbacks.rb:86:in `run_callbacks'
actionpack (4.1.0) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.1.0) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.1.0) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
activesupport (4.1.0) lib/active_support/notifications.rb:159:in `block in instrument'
activesupport (4.1.0) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.1.0) lib/active_support/notifications.rb:159:in `instrument'
actionpack (4.1.0) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.1.0) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.1.0) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.1.0) lib/abstract_controller/base.rb:136:in `process'
actionview (4.1.0) lib/action_view/rendering.rb:30:in `process'
actionpack (4.1.0) lib/action_controller/metal.rb:195:in `dispatch'
actionpack (4.1.0) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.1.0) lib/action_controller/metal.rb:231:in `block in action'
actionpack (4.1.0) lib/action_dispatch/routing/route_set.rb:80:in `call'
actionpack (4.1.0) lib/action_dispatch/routing/route_set.rb:80:in `dispatch'
actionpack (4.1.0) lib/action_dispatch/routing/route_set.rb:48:in `call'
actionpack (4.1.0) lib/action_dispatch/journey/router.rb:71:in `block in call'
actionpack (4.1.0) lib/action_dispatch/journey/router.rb:59:in `each'
actionpack (4.1.0) lib/action_dispatch/journey/router.rb:59:in `call'
actionpack (4.1.0) lib/action_dispatch/routing/route_set.rb:676:in `call'
warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
warden (1.2.3) lib/warden/manager.rb:34:in `catch'
warden (1.2.3) lib/warden/manager.rb:34:in `call'
rack (1.5.2) lib/rack/etag.rb:23:in `call'
rack (1.5.2) lib/rack/conditionalget.rb:35:in `call'
rack (1.5.2) lib/rack/head.rb:11:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/flash.rb:254:in `call'
rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.1.0) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.1.0) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in `call'
activerecord (4.1.0) lib/active_record/migration.rb:380:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.1.0) lib/active_support/callbacks.rb:82:in `run_callbacks'
actionpack (4.1.0) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.1.0) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.1.0) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.1.0) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.1.0) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.1.0) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.1.0) lib/rails/rack/logger.rb:20:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
rack (1.5.2) lib/rack/runtime.rb:17:in `call'
activesupport (4.1.0) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
actionpack (4.1.0) lib/action_dispatch/middleware/static.rb:64:in `call'
rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
railties (4.1.0) lib/rails/engine.rb:514:in `call'
railties (4.1.0) lib/rails/application.rb:144:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
rack (1.5.2) lib/rack/content_length.rb:14:in `call'
rack (1.5.2) lib/rack/handler/webrick.rb:60:in `service'
/usr/local/opt/rbenv/versions/2.0.0-p481/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
/usr/local/opt/rbenv/versions/2.0.0-p481/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
/usr/local/opt/rbenv/versions/2.0.0-p481/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'

UPDATED

development.log

Started POST "/admin/users" for 66.241.138.122 at 2014-07-23 17:03:03 +0000
Processing by Admin::UsersController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"HQDRvcsf111111132XFsLc=", "user"=>{"email"=>"person@site", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "superadmin"=>"1"}, "commit"=>"Create User"}
  [1m[35mUser Load (0.2ms)[0m  SELECT  "users".* FROM "users"  WHERE "users"."id" = 1  ORDER BY "users"."id" ASC LIMIT 1
  [1m[36mUser Load (0.2ms)[0m  [1mSELECT  "users".* FROM "users"  WHERE "users"."id" IS NULL  ORDER BY "users"."id" ASC LIMIT 1[0m
Completed 500 Internal Server Error in 20ms

ActiveModel::ForbiddenAttributesError (ActiveModel::ForbiddenAttributesError):
  app/admin/user.rb:18:in `block (2 levels) in <top (required)>'


  Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/_source.erb (0.8ms)
  Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (1.4ms)
  Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb (1.1ms)
  Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (25.1ms)

回答1:


Why don't you permit your params just like the documentation says? https://github.com/gregbell/active_admin/blob/master/docs/2-resource-customization.md#setting-up-strong-parameters



来源:https://stackoverflow.com/questions/24874965/i-get-activemodelforbiddenattributeserror-with-active-admin-and-devise

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!