Stack Overflow
Stack Overflow

Questions tagged [strong-parameters]

Strong Parameters requires whitelisting of Action Controller parameters by default. In Ruby on Rails this means the developer will have to make a choice about which Active Model attributes are eligible for mass assignment. Strong parameters have been included in Rails 4 by default.

956 questions
0
votes
1 answer

What is "current_account.people.find" in Rails strong parameter example?

I am new to Rails and am currently learning strong parameters in Rails 4 and following the below example from the official documentation: `class PeopleController < ActionController::Base # Using "Person.create(params[:person])" would raise an …
pintua
  • 63
  • 5
0
votes
1 answer

Rails 4.2.4 params.permit! fails to ignore utf field in form

In an admin-only controller for scaffolded forms where we have no concern about mass-assignment, we implemented strong parameters using just the permit! method (no .require() or .permit() ) which should simply sets the params permitted flag to true,…
jpw
  • 18,697
  • 25
  • 111
  • 187
0
votes
1 answer

has_many :throught not INSTERING INTO database from form

I have tried all of the solutions to similar problems and haven't gotten this one figured out. I have a has_many :through relationship between 'Clinician', and 'Patient' with a joined model 'CareGroupAssignment'. I would like to have a patient be…
Skiapex
  • 153
  • 3
  • 14
0
votes
1 answer

Unpermitted parameter with nested attributes

I am trying to use the accepts_nested_attributes_for, but I get an unpermitted parameters: address when I try to create or update a field in the address model I have a relationship between two models a Client which has an Address as follows class…
cdog
  • 513
  • 2
  • 8
  • 15
0
votes
2 answers

Rails issue with access of nested hash parameter

I have in rails the following form in a view <%= form_for (@account) do |f| %> <%= f.label :comments,"Comments" %> <%=f.text_area :comments %> <%= f.submit "Confirm",:name=>"conf" %> <%= f.submit "Reject" %> <% end %> When I submit the form I get…
Bastien
  • 596
  • 1
  • 11
  • 30
0
votes
1 answer

How did you learn the hard way to "never trust client data"?

I'm interested in stories where not sanitizing, validating or "sane"-atizing client submitted data in a web application caused a real life problem. I think if we get some interesting answers this could be a good link to send new web developers so…
Gal
  • 5,537
  • 1
  • 22
  • 20
0
votes
1 answer

Nested forms and strong parameters - rails 4

I have a problem with a form and strong parameters. I see many have gone before me with such problems but nothing suggested to them seems to work. My form: <%= form_for(@student) do |f| %> <%= f.label :school_id %> <%= f.text_field…
Walter
  • 5
  • 3
0
votes
0 answers

validation error and possibly strong parameters with "Can't mass-assign protected attributes"

I am migrating an old app to strong parameters and a bit of a wierd issue has come up. I have a Location model and the abbreviated version is: class Location < ActiveRecord::Base include ActiveModel::ForbiddenAttributesProtection validates…
timpone
  • 19,235
  • 36
  • 121
  • 211
0
votes
0 answers

if using strong parameters, do I still need attr_accessible for nested_attributes

I'm updating a Rails 3.2 app to strong parameters (first day with it so still grokkin). I'm getting the following error for User that has_one :profile. The user class (in simplified form) looks like this: class User < ActiveRecord::Base include…
timpone
  • 19,235
  • 36
  • 121
  • 211
0
votes
1 answer

how to allow all of the attributes of a model when

I am migrating a Rails 3.2 app to strong_parameters and don't have much experience. I have a model called Item which has_many attributes. In our item#update I'd like to be able to do like the following: # Model class Item < ActiveRecord::Base …
timpone
  • 19,235
  • 36
  • 121
  • 211
0
votes
1 answer

Rails permit nested hash parameters

Here are my params: {"utf8"=>"✓", "authenticity_token"=>"g0mNoBytyd0m4oBGjeG3274gkE5kyE3aPbsgtqz3Nk4=", "commit"=>"Save changes", "plan_date"=>{"24"=>{"recipe_id"=>"12"}, "25"=>{"recipe_id"=>"3"}, "26"=>{"recipe_id"=>"9"}}} How do I permit:…
james
  • 3,989
  • 8
  • 47
  • 102
0
votes
1 answer

Unpermitted parameter in Rails 4 when submitted nested attributes, has_many associated form

I have two models (lead which has_many :quote_metals and accepts_nested_attributes_for :quote_metals and quote_metal which belongs_to :lead). I am trying to write the information submitted in the form to the different datatables. There should just…
Joe D
  • 297
  • 1
  • 12
0
votes
1 answer

Params missing link_to

Here's the html link: <%= link_to "Select Thumb", update_thumb_src_video_path(video), method: :patch, video: {thumb_src: name} %> When the error pops, the params listed are the id, authenticity_token and method, but not the video params.
Josh Hunter
  • 1,507
  • 1
  • 12
  • 15
0
votes
1 answer

rails 4 mass assignment issue with strong params and attr_accessor

So I discovered a weird issue while trying to use mass assignment on a model that also had an attr_accessor for an attribute that was being updated through a mass assigned strong params hash. I was curious as to why this happens - and is it…
Riggeot
  • 89
  • 2
  • 8
0
votes
0 answers

RoR 4 unpermitted parameter

I am creating a sign up page for users and accounts. Each account will be accessible to multiple users, but only 1 user will be the account owner. # account.rb class Account < ActiveRecord::Base belongs_to :owner, class_name: "User", foreign_key:…
pccdavef
  • 79
  • 1
  • 9
1 2 3
63 64