0

I have a table for challenges which the user can accept or decline and I can't get it to work properly. When the user clicks on the accept button he should get a notice that the challenge was accepted (doesn't work - its always not accepted) and the site should be refreshed - that works

I used the "ugly" way for button_to because I need the class and remote true attribute. And I know - the "decline" button is not uptodate because I worked with the accept button for now.

<tbody>
    <% @challenges.each do |ch| %>
      <tr>
        <td><%= Game.find_by_id(Duel.find_by_id(ch.duel_id).game_id).name %></td>
        <td><%= Duel.find_by_id(ch.duel_id).euro %></td>
        <td><%= link_to "#{User.find_by_id(ch.challengedplayer).name}", user_path(User.find_by_id(ch.challengedplayer))  %></td>
        <td><%= button_to 'Accept',  { controller: :challenges, action: "reaction", ch_accepted: true, challenge: ch, challenge_id: ch.id }, method: :patch, data: { confirm: 'Do you really want to challenge this player?'  }, class: 'button challenge', remote: true %></td>
        <td><%= button_to 'Decline', { controller: :challenges, action: "reaction", accepted: false}, method: :patch, data: { confirm: 'Are you sure?'  }, class: 'button challenge', remote: true%></td>
      </tr>
    <% end %>
  </tbody>

Here is the controller - I have a huge problem that I can't seem to use challenge_params .

       def reaction
    if :accepted == "true"
        @challenge = Challenge.find(params[:challenge_id])
        @challenge.open = false
        @challenge.accepted = true
        @challenge.save
        flash[:notice] = "You successfully challenged #{User.find_by_id(@challenge.challengedplayer).name} for #{Duel.find_by_id(@challenge.duel_id).euro }€"
        render :js => "window.location = 'challenges'"
      else
        flash[:notice] = "Error"
        render :js => "window.location = 'challenges'"
      end
  end



  private

    def challenge_params
      params.require(:challenge).permit(:accepted, :open, :duel_id, :challenge_id)
    end
  end

I also always get into the Error loop, even though :accepted is true

Started PATCH "/reaction?ch_accepted=true&challenge=1&challenge_id=1" for ::1 at 2015-09-03 20:25:33 +0200
Processing by ChallengesController#reaction as JS
  Parameters: {"authenticity_token"=>"rDT/OucYRavkRBXUGVpgtZsFG9eKAwRKNo+hSsc+VIJW1CfPBBqwlt7baRHrjz/g8n2dJX1ypjWVrk1Vs/Mgeg==", "ch_accepted"=>"true", "challenge"=>"1", "challenge_id"=>"1"}

And here is the route file

Rails.application.routes.draw do
  resources :duels
  patch 'reaction' => 'challenges#reaction'
  resources :challenges
  root to: 'duels#index'
  devise_for :users
  #, controllers: {registrations: "users/registrations"}
  resources :users
end
user1552850
  • 1
  • 1
  • The first thing to figure out IMHO is why your parameters are not permitted as you expect. You might try setting `'data-model' => 'challenge'` explicitly in your html attributes for `button_to`. Also, look at what is showing up in `params` in your controller. Separately, could just be me but I don't understand how `if :accepted == "true"` would ever work in your controller... I would expect something like `if challenge_params[:accepted]`. – steve klein Sep 03 '15 at 18:51
  • Thanks - params[:accepted] was the missing thing. However, how can I be sure that only these parameters get submitted when I cant use params.permit ? – user1552850 Sep 04 '15 at 08:29
  • You should never use `params` directly coming from your view but should always whitelist them to prevent malicious action. I don't see enough in your post to understand exactly what happens when you attempt to access a whitelisted attribute like `challenge_params[:accepted]`. – steve klein Sep 04 '15 at 14:17

0 Answers0