0

I'm struggling with a Forbidden attributes error in a form that I've been working on. I tried removing all fields but one and am still getting the error so I'm really baffled.

Below is the one-field version of the form that's throwing the error and its respective controller. I've also included the relevant model.

Any thoughts on the matter would be appreciated, I'm really stumped.

The form is as follows:

<link href="https://gitcdn.github.io/bootstrap-toggle/2.2.0/css/bootstrap-toggle.min.css" rel="stylesheet">
<div id="wrapper" class="active main-content">
    <%= simple_form_for @incorporation, html: {id:"incorporationform"}, remote: @remote, update: { success: "response", failure: "error"} do |f| %>
        <p id="reportalert"></p>
        <div class="panel-body">
            <div id="basic_info" class="form_section">

                <div class="form-left"><h2>Basic Info</h2></div>
                <div class="form-right">
                    <div class="padded-fields">
                        <div class="form_subsection">
                            <%= f.input :trademark_search, as: :radio_buttons, checked: false, label: 'Would you like us to do a trademark search and provide advice regarding any issues we identify in relation to the name you have selected?', input_html: { class: 'form-control radio' } %>
                        </div>
                    </div>
                </div>
            </div>

        </div>
        <%= f.submit :id => 'submit_button', :style => 'display: none;' %>
    <!-- Sidebar -->
    <!-- Sidebar -->
        <div id="sidebar-wrapper">
            <ul id="sidebar_menu" class="sidebar-nav">
                <li class="sidebar-brand"><a id="menu-toggle" href="#">Menu<span id="main_icon" class="glyphicon glyphicon-align-justify"></span></a></li>
            </ul>
            <% @sections=[["basic_info", "Basic Info"],["address", "Address"],["equity", "Equity"],["officers","Officers"],["directors", "Directors"],["contractor","Contractors"],["ip","IP"],["shareholders", "Shareholders"]] %>
            <ul class="sidebar-nav" id="sidebar">
                <% @sections.each do |section| %>
                    <li><a href="#<%= section[0] %>" class="anchor_link"><span class="sub_icon glyphicon glyphicon-link"></span><%= section[1] %></a></li>
                <% end %>
            </ul>
            <div id="save_alert">Progress Saved</div>
            <% if @action== "new" %>
                <%= f.button :submit, id: "save" %>
            <% else %>
                <%= f.button :submit, id: "save" %>
            <% end %>
        </div>
        <div id="final-submission" style="float:right">
            <div>
                <label class="final-submission" style="display:block">Signify that you are done editing.</label>
                <%= f.input :submit, type: :checkbox, input_html:{id:'toggle-two', class: "final-submission"}, label: false %>
            </div>
            <div>
                <%= f.submit :id => 'submit_button', label: "Submit" %>
            </div>
        </div>
    <% end %>
</div>

The Controller is as follows

    class IncorporationsController < ApplicationController
        load_and_authorize_resource

        def index
            if admin_signed_in?
                authorize! :index, Incorporation
                @incorporations = Incorporation.all.order("created_at DESC")
            else
                authorize! :index, Ability
    #       @user = current_user.find(params[:id])
                @incorporations = current_user.incorporations("created_at DESC")
            end
        end

        def show
        end

        def new
            @user=current_user
            puts "just before user from console"
            puts "user from console #{@user}"
            @incorporation = @user.incorporations.build
            @company = @incorporation.build_company
            @action = "new"
            @remote=false
        end

        def create
            @incorporation = current_user.incorporations.build(incorporation_params)

            if @incorporation.save
                redirect_to edit_incorporation_path(@incorporation), notice: "Successfuly saved incorporation info."
            else
                render 'new', notice: "Something went wrong; form unable to be saved."
    #       render :nothing => true
            end
        end

        def edit
            @action="edit"
            @remote=true
            @incorporation = Incorporation.find(params[:id])
        end

        def update
            if @incorporation.update(incorporation_params)
                redirect_to welcome_index_path
            else
                render 'edit'
            end
        end

        def show
        end

        def incorpgenerate
            render nothing: true
            respond_to do |format|
                format.docx do
                    IncorporationService.new(@incorporation).incorporation_document_generate
                end
            end
        end

        def destroy
            @incorporation = Incorporation.find(params[:id])
            @incorporation.destroy

            redirect_to incorporations_index_path
        end

        def dropboxstuff(drpath)

        end

        private

        def find_incorporation
            @incorporation = Incorporation.find(params[:id])
        end

        def incorporation_params
            params.require(:incorporation).permit(:title, :trademark_search, :user_id, :employee_stock_options, :submit, :_destroy)
        end
    end

incorporation.rb

class Incorporation < ActiveRecord::Base
  belongs_to :user
  has_one :company, dependent: :destroy

  accepts_nested_attributes_for :company, :allow_destroy => true

end

My error log is as follows:

Started POST "/incorporations" for 127.0.0.1 at 2015-07-08 00:52:38 -0600
Processing by IncorporationsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"TB+mKc0hCj5hJs0L0wj1sGaxp8O4fwdy6+0551PS+Z8=", "incorporation"=>{"trademark_search"=>"false", "submit"=>"0"}, "commit"=>"Create Incorporation"}
Completed 500 Internal Server Error in 3ms


ActiveModel::ForbiddenAttributesError (ActiveModel::ForbiddenAttributesError):
  activemodel (4.1.8) lib/active_model/forbidden_attributes_protection.rb:21:in `sanitize_for_mass_assignment'
  activerecord (4.1.8) lib/active_record/attribute_assignment.rb:24:in `assign_attributes'
  activerecord (4.1.8) lib/active_record/core.rb:453:in `init_attributes'
  activerecord (4.1.8) lib/active_record/core.rb:196:in `initialize'
  activerecord (4.1.8) lib/active_record/inheritance.rb:30:in `new'
  activerecord (4.1.8) lib/active_record/inheritance.rb:30:in `new'
  cancan (1.6.10) lib/cancan/controller_resource.rb:85:in `build_resource'
  cancan (1.6.10) lib/cancan/controller_resource.rb:66:in `load_resource_instance'
  cancan (1.6.10) lib/cancan/controller_resource.rb:32:in `load_resource'
  cancan (1.6.10) lib/cancan/controller_resource.rb:25:in `load_and_authorize_resource'
  cancan (1.6.10) lib/cancan/controller_resource.rb:10:in `block in add_before_filter'
  activesupport (4.1.8) lib/active_support/callbacks.rb:440:in `instance_exec'
  activesupport (4.1.8) lib/active_support/callbacks.rb:440:in `block in make_lambda'
  activesupport (4.1.8) lib/active_support/callbacks.rb:160:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:160:in `block in halting'
  activesupport (4.1.8) lib/active_support/callbacks.rb:229:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:229:in `block in halting'
  activesupport (4.1.8) lib/active_support/callbacks.rb:229:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:229:in `block in halting'
  activesupport (4.1.8) lib/active_support/callbacks.rb:166:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:166:in `block in halting'
  activesupport (4.1.8) lib/active_support/callbacks.rb:166:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:166:in `block in halting'
  activesupport (4.1.8) lib/active_support/callbacks.rb:166:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:166:in `block in halting'
  activesupport (4.1.8) lib/active_support/callbacks.rb:86:in `call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:86:in `run_callbacks'
  actionpack (4.1.8) lib/abstract_controller/callbacks.rb:19:in `process_action'
  actionpack (4.1.8) lib/action_controller/metal/rescue.rb:29:in `process_action'
  actionpack (4.1.8) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
  activesupport (4.1.8) lib/active_support/notifications.rb:159:in `block in instrument'
  activesupport (4.1.8) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (4.1.8) lib/active_support/notifications.rb:159:in `instrument'
  actionpack (4.1.8) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
  actionpack (4.1.8) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
  activerecord (4.1.8) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
  actionpack (4.1.8) lib/abstract_controller/base.rb:136:in `process'
  actionview (4.1.8) lib/action_view/rendering.rb:30:in `process'
  actionpack (4.1.8) lib/action_controller/metal.rb:196:in `dispatch'
  actionpack (4.1.8) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
  actionpack (4.1.8) lib/action_controller/metal.rb:232:in `block in action'
  actionpack (4.1.8) lib/action_dispatch/routing/route_set.rb:82:in `call'
  actionpack (4.1.8) lib/action_dispatch/routing/route_set.rb:82:in `dispatch'
  actionpack (4.1.8) lib/action_dispatch/routing/route_set.rb:50:in `call'
  actionpack (4.1.8) lib/action_dispatch/journey/router.rb:73:in `block in call'
  actionpack (4.1.8) lib/action_dispatch/journey/router.rb:59:in `each'
  actionpack (4.1.8) lib/action_dispatch/journey/router.rb:59:in `call'
  actionpack (4.1.8) lib/action_dispatch/routing/route_set.rb:678:in `call'
  warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
  warden (1.2.3) lib/warden/manager.rb:34:in `catch'
  warden (1.2.3) lib/warden/manager.rb:34:in `call'
  rack (1.5.2) lib/rack/etag.rb:23:in `call'
  rack (1.5.2) lib/rack/conditionalget.rb:35:in `call'
  rack (1.5.2) lib/rack/head.rb:11:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/flash.rb:254:in `call'
  rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
  rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/cookies.rb:560:in `call'
  activerecord (4.1.8) lib/active_record/query_cache.rb:36:in `call'
  activerecord (4.1.8) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in `call'
  activerecord (4.1.8) lib/active_record/migration.rb:380:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
  activesupport (4.1.8) lib/active_support/callbacks.rb:82:in `run_callbacks'
  actionpack (4.1.8) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/reloader.rb:73:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
  railties (4.1.8) lib/rails/rack/logger.rb:38:in `call_app'
  railties (4.1.8) lib/rails/rack/logger.rb:20:in `block in call'
  activesupport (4.1.8) lib/active_support/tagged_logging.rb:68:in `block in tagged'
  activesupport (4.1.8) lib/active_support/tagged_logging.rb:26:in `tagged'
  activesupport (4.1.8) lib/active_support/tagged_logging.rb:68:in `tagged'
  railties (4.1.8) lib/rails/rack/logger.rb:20:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/request_id.rb:21:in `call'
  rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
  rack (1.5.2) lib/rack/runtime.rb:17:in `call'
  activesupport (4.1.8) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
  rack (1.5.2) lib/rack/lock.rb:17:in `call'
  actionpack (4.1.8) lib/action_dispatch/middleware/static.rb:84:in `call'
  rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
  railties (4.1.8) lib/rails/engine.rb:514:in `call'
  railties (4.1.8) lib/rails/application.rb:144:in `call'
  rack (1.5.2) lib/rack/lock.rb:17:in `call'
  rack (1.5.2) lib/rack/content_length.rb:14:in `call'
  rack (1.5.2) lib/rack/handler/webrick.rb:60:in `service'
  /home/sam/.rvm/rubies/ruby-2.2.0/lib/ruby/2.2.0/webrick/httpserver.rb:138:in `service'
  /home/sam/.rvm/rubies/ruby-2.2.0/lib/ruby/2.2.0/webrick/httpserver.rb:94:in `run'
  /home/sam/.rvm/rubies/ruby-2.2.0/lib/ruby/2.2.0/webrick/server.rb:294:in `block in start_thread'


  Rendered /home/sam/.rvm/gems/ruby-2.2.0/gems/actionpack-4.1.8/lib/action_dispatch/middleware/templates/rescues/_source.erb (0.5ms)
  Rendered /home/sam/.rvm/gems/ruby-2.2.0/gems/actionpack-4.1.8/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (1.2ms)
  Rendered /home/sam/.rvm/gems/ruby-2.2.0/gems/actionpack-4.1.8/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb (1.1ms)
  Rendered /home/sam/.rvm/gems/ruby-2.2.0/gems/actionpack-4.1.8/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (17.1ms)
neanderslob
  • 2,633
  • 6
  • 40
  • 82
  • Can you post your complete error log? Also how are you handling multiple submit buttons in your form? – Pavan Jul 08 '15 at 07:29
  • @Pavan Ah I forgot to post that and will put it in the question. The multiple submit buttons operate as a "Save" and "Final Submit" In order to make the final submit, the user clicks the "Final submission" checkbox which removes the `remote=>true` from the form and then the form performs a normal submit. To clarify, this all worked perfectly until made some changes to the models in my app and moved the fields around. But even without involving those, it's still not submitting. Thanks for having a look and I'll get that error log up pronto. – neanderslob Jul 08 '15 at 07:46
  • @Pavan error log added – neanderslob Jul 08 '15 at 07:53
  • Could you add params log too :) – Pavan Jul 08 '15 at 08:17
  • @Pavan oh, sure thing; I've added it to the top of the log in the question. Also, I just figured out that the error goes away when I get rid of CanCan's `load_and_authorize_resource` at the top of the controller. – neanderslob Jul 08 '15 at 09:17
  • @Pavan Figured it out and it wasn't a satisfying answer. Thanks for your help though! – neanderslob Jul 08 '15 at 13:35

1 Answers1

0

Ugg, figured it out; very unsatisfying. I was using the gem cancan which hasn't been updated since early 2013 and doesn't know what to do with strong params. I had to change the gem I was using to cancancan (that's THREE "can"s), which is just a fork of cancan that's still updated.

neanderslob
  • 2,633
  • 6
  • 40
  • 82