Kevin Gillieron
2012-Apr-27 09:52 UTC
Can''t mass-assign protected attributes even if I use attr_accessible
Hi,
I''m working on a Rails 3.2.2 application which has JSON APIs and I use
a
CLI client for inserting some data. It works fine except for the Author
model. When I try to create a new post (Post belongs_to :author and
Author has_many :posts) I get the following error :
<h1>
ActiveModel::MassAssignmentSecurity::Error in
PostsController#create
</h1>
<pre>Can''t mass-assign protected attributes: name</pre>
I did lots of searches on the topic but I found no working solution :-(
I use attr_accessible to avoid MassAssignent errors and it works for all
others models but not for the "Author" name attribute.
Here is the Author model :
class Author < ActiveRecord::Base
attr_accessible :name, :email
extend FriendlyId
friendly_id :name, use: :slugged
# some validations
has_many :posts
#authlogic
acts_as_authentic
# some stuffs
end
Actually, I have disabled whitelist_attributes and it solved my problem
but I suppose that is not the convenient way to do this (and probably
not a good idea).
My question is : Why the attr_accessible does not work here ? And how
can I solve the problem without disabling the whitelist ?
Thank you,
Revan
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
Kevin Gillieron
2012-May-01 14:53 UTC
Re: Can''t mass-assign protected attributes even if I use attr_accessible
I found the solution ! :-) The problem was that I used acts_as_taggable_on_steroids plugin which does not work on Rails 3.2 ... Since "Author" is the only model which has a :name attribute, I thought that the problem came from Author ... but the problem was in the Tag model (which is in the acts_as_taggable_on_steroid plugin). Indeed, its :name attribute is not "accessible". So, I use the acts_as_taggable_on gem (https://github.com/mbleigh/acts-as-taggable-on) which correctly works on Rails 3.x -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Maybe Matching Threads
- Scoped attr_accessible not working?
- MassAssignmentSecurity for multiple contexts
- Ignore attr_accessible in seed file
- attr_accessible on some properties + attr_protected on others makes class 'open-by-default'
- difference between attr_accessor and attr_accessible?