6

I am having a Rails with ActiveAdmin with Devise for Authentication. I have AdminUser and User models so that User model doesn't have to care about admin. However, I cannot create/edit neither Adminuser nor User FROM INSIDE the Admin page. Every time I try doing so, it will give me message

Can't mass-assign protected attributes: email, password, password_confirmation

That's weird because inside User model and AdminUser models, I already have:

attr_accessible :email, :password, :password_confirmation

To try it other way, I went to rails console and try creating an AdminUser and it all worked:

AdminUser.create(:email => 'asdf@admin2.com', 
    :password => 'password', :password_confirmation => 'password')

That means only creation from the Admin web page failed.

I am using Devise for Authentication. The error occurs with both User and AdminUser models.

For password and password_confirmation, I don't have those fields in the Database, but that is the way Devise is by default, it never have password in Database.

Here is the User Model:

devise :database_authenticatable, :registerable, :rememberable, :recoverable, :trackable, :omniauthable, :omniauth_providers => [:facebook]
         ##, :validatable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid

  # attr_accessible :title, :body
    validates :email, :password, :first_name, :last_name,
              presence: true
    validates :email, uniqueness: true

  has_many :devices
  has_many :posts
u19964
  • 3,255
  • 4
  • 21
  • 28
  • 2
    maybe you have to add ":as => :admin_user" to your attr_accessible. I don´t know it exaclty for the active_admin gem, but for example if you are using this gem https://github.com/fesplugas/typus you have to specify the role of the current user with :as => :admin_user – Matthias May 13 '13 at 06:22
  • I think this question will help you to understand the :as => "your-role" better..http://stackoverflow.com/questions/6877853/rails-how-to-declare-attr-accessible-for-mutliple-roles-without-duplication – Matthias May 13 '13 at 06:24
  • How your admin creation form look like? If you list the server logs that may help. – maximus ツ May 13 '13 at 06:59

1 Answers1

8

I change 

attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid

to 

attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid, :as => [:default, :admin]

and it works.

Termininja
  • 6,620
  • 12
  • 48
  • 49
u19964
  • 3,255
  • 4
  • 21
  • 28