I have 3 models: team, developer and message.
I've been trying to receive a response to a request I send to an endpoint (/trigger_notification) like this:
Response
{
team_id: "team_id",
sms: {
id: "ARANDOMID",
mobiles: ["numer1","number2"]
content: "the content of this message",
sent_at: "18:54:34 IST 2021"
},
email: {
id: "ARANDOMID",
emails: ["email1#email.com", "email2#email.com"]
title: "Used in emails for title",
content: "the content of this message",
sent_at: "18:54:34 IST 2021"
}
}
While most of the response works just fine, the mobiles and emails specifically aren't retrieving all the assigned developers. This should be done when creating a new team with the following request params and some additional optional params in case you also want to create a new developer using nested attributes:
Adding “developers” from the Team API creates developers as well
{
"name": "Core Backend",
"dept_name": "Engineering",
"dev_ids": [id1, id2, id3, id5],
"developers":[
{
"full_name": "Some Name",
"email": "same.name#example.com",
"mobile": "1234567890"
},
{
"full_name": "Other Name",
"email": "other.name#example.com",
"mobile": "9876543210"
}
]
}
Specifically dev_ids is used to note the id of the devs included in a team (since they have an HMT association with each other). I created a separate join table to enable this functionality that is separate from the one used for the has_many through: association called memberships:
class Membership < ApplicationRecord
belongs_to :team
belongs_to :developer
end
So, I create a team and set the dev_ids: [3, 4].
However, I still find that the response ends up looking more like this:
{
"Response": {
"team_id": 3,
"sms": {
"id": "6cefeed1-f0c2-47c0-83cd-1db764e0acae",
"mobile": [],
"content": "This is a test message.",
"sent_at": "2021-10-12T12:51:30.620+05:30"
},
"email": {
"id": "cfddd984-ded0-40dd-badc-42d6694a5d92",
"email": [],
"title": "Test Message #5",
"content": "This is a test message.",
"sent_at": "2021-10-12T12:51:30.620+05:30"
}
}
}
For a few where I created the developer and the team together, it gives a response like this.
{
"Response": {
"team_id": 2,
"sms": {
"id": "435887a7-3729-4b35-b75f-10784a9d056c",
"mobile": [
"1234567890"
],
"content": "This is a test message.",
"sent_at": "2021-10-12T12:52:22.629+05:30"
},
"email": {
"id": "8e4a642c-2008-42b7-b2f8-77319fb7a71e",
"email": [
"pierceb#gmail.com"
],
"title": "Test Message #5",
"content": "This is a test message.",
"sent_at": "2021-10-12T12:52:22.629+05:30"
}
}
}
Controller for this action:
trigger_controller.rb
class TriggerController < ApplicationController
require 'securerandom'
def notification
#message = Message.new(message_params)
#id = params[:team_id]
#content = params[:content]
#title = params[:title]
# #mob = Team.joins(:developers).where(team_id: #id).pluck(:mobile)
# #mob = Team.joins(:developers).pluck(:mobile)
# #mob = Team.includes(:developers).find(#id).pluck(:'developers.mobile')
#mob = Team.find(params[:team_id]).developers.pluck(:mobile)
#mail = Team.find(params[:team_id]).developers.pluck(:email)
tim = Time.now
if #message.save
respond_to do |format|
format.json { render json: { 'Response' => {:team_id => #id,
'sms' => { "id" => SecureRandom.uuid, "mobile" => #mob, :content => #content, "sent_at" => tim },
'email' => { "id" => SecureRandom.uuid, "email" => #mail, :title => #title, :content => #content, "sent_at" => tim } } } }
end
else
render json: #message.errors, status: :unprocessable_entity
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_message
#message = Message.find(params[:id])
end
# Only allow a list of trusted parameters through.
def message_params
params.permit(:team_id, :title, :content)
end
end
Models:
team.rb
class Team < ApplicationRecord
validates :name, presence: true
has_many :messages
has_many :developer_teams
has_many :developers, through: :developer_teams
accepts_nested_attributes_for :developers
end
developer.rb
class Developer < ApplicationRecord
validates :full_name, presence: true
has_many :developer_teams
has_many :teams, through: :developer_teams
end
message.rb
class Message < ApplicationRecord
validates :title, presence: true
belongs_to :team
end
Controller for team:
team_controller.rb
class TeamsController < ApplicationController
before_action :set_team, only: [:show, :update, :destroy]
# GET /teams
def index
#teams = Team.all
render json: #teams
end
# GET /teams/1
def show
render json: #team
end
# POST /teams
def create
#team = Team.new(plus_params)
ActiveRecord::Base.transaction do
# if plus_params.has_key?(:dev_ids)
# #team.developer_ids << Developer.find(plus_params.dev_ids)
# end
# if plus_params.has_key?(:developer_attributes)
# #team.developers << Developer.insert_all(plus_params.developer_attributes)
# end
#team.save!
end
render json: #team, status: :created, location: #team
rescue
render json: #team.errors, status: :unprocessable_entity
end
# PATCH/PUT /teams/1
def update
if #team.update(team_params)
render json: #team
else
render json: #team.errors, status: :unprocessable_entity
end
end
# DELETE /teams/1
def destroy
#team.destroy
end
private
# Use callbacks to share common setup or constraints between actions.
def set_team
#team = Team.find(params[:id])
end
# Only allow a list of trusted parameters through.
def team_params
params.require(:team).permit(:name, :dept_name, dev_ids: [])
end
def plus_params
params.require(:team).permit(:name, :dept_name, dev_ids: [], :developers_attributes => [:full_name, :email, :mobile])
end
end
Here's what the log usually shows when I send a request at the /trigger_notification endpoint:
Started POST "/trigger_notification" for ::1 at 2021-10-12 13:01:16 +0530
Processing by TriggerController#notification as */*
Parameters: {"team_id"=>6, "title"=>"Test Message #5", "content"=>"This is a test message.", "trigger"=>{"team_id"=>6, "title"=>"Test Message #5", "content"=>"This is a test message."}}
Unpermitted parameter: :trigger
Team Load (0.7ms) SELECT "teams".* FROM "teams" WHERE "teams"."id" = $1 LIMIT $2 [["id", 6], ["LIMIT", 1]]
↳ app/controllers/trigger_controller.rb:11:in `notification'
(1.0ms) SELECT "developers"."mobile" FROM "developers" INNER JOIN "developer_teams" ON "developers"."id" = "developer_teams"."developer_id" WHERE "developer_teams"."team_id" = $1 [["team_id", 6]]
↳ app/controllers/trigger_controller.rb:11:in `notification'
CACHE Team Load (0.0ms) SELECT "teams".* FROM "teams" WHERE "teams"."id" = $1 LIMIT $2 [["id", 6], ["LIMIT", 1]]
↳ app/controllers/trigger_controller.rb:12:in `notification'
(0.4ms) SELECT "developers"."email" FROM "developers" INNER JOIN "developer_teams" ON "developers"."id" = "developer_teams"."developer_id" WHERE "developer_teams"."team_id" = $1 [["team_id", 6]]
↳ app/controllers/trigger_controller.rb:12:in `notification'
CACHE Team Load (0.1ms) SELECT "teams".* FROM "teams" WHERE "teams"."id" = $1 LIMIT $2 [["id", 6], ["LIMIT", 1]]
↳ app/controllers/trigger_controller.rb:15:in `notification'
TRANSACTION (0.4ms) BEGIN
↳ app/controllers/trigger_controller.rb:15:in `notification'
Message Create (1.2ms) INSERT INTO "messages" ("team_id", "title", "content", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5) RETURNING "id" [["team_id", 6], ["title", "Test Message #5"], ["content", "This is a test message."], ["created_at", "2021-10-12 07:31:16.420140"], ["updated_at", "2021-10-12 07:31:16.420140"]]
↳ app/controllers/trigger_controller.rb:15:in `notification'
TRANSACTION (7.7ms) COMMIT
↳ app/controllers/trigger_controller.rb:15:in `notification'
Completed 200 OK in 37ms (Views: 0.5ms | ActiveRecord: 12.2ms | Allocations: 5075)
Thanks in advance!
Related
I am using Rails 5.2.1 and ruby 2.5.0 for the development of my new project.
I need to permit user params which has the following structure
{
"user_id": 1
"name": "John",
"pets": [
{
"id": 1,
"count": 5
},
{
"id": 2,
"count": 3
},
]
}
My User model has following lines
has_many :pets, dependent: :destroy
accepts_nested_attributes_for :pets
and in the controller
params.require(:user).permit(:user_id, :name, pets_attributes: %i(id, count))
But when I post the above json request it produces the following error
Unpermitted parameter: :pets
I couldn't find any solution. Please help. Thanks
Firstly, are the params being sent in this format?: {user: {user_id: ...}}
Irrespective of the format sent, one issue with your code is pets_attributes should be as follows:
pets_attributes: %i(id count) or pets_attributes: [:id, :count]
So
params.require(:user).permit(:user_id, :name, pets_attributes: %i(id count))
OR
params.require(:user).permit(:user_id, :name, pets_attributes:[:id, :count])
Hope this helped.
Rails 5.0.0.1
Ruby 2.3.0p0
I am trying to build a CRUD Rails API and I am having trouble with doing a POST. I am using devise gem for user management. Am I missing something here ?
When I try to create a POST thorugh Postman, I get the following response
{
"status": 406,
"error": "Not Acceptable",
"exception": "#<ActionController::UnknownFormat: ActionController::UnknownFormat>",
"traces": {
"Application Trace": [],
"Framework Trace": [
{
"id": 0,
"trace": "responders (2.3.0) lib/action_controller/respond_with.rb:207:in `respond_with'"
},
{
"id": 1,
"trace": "devise (4.2.0) app/controllers/devise/registrations_controller.rb:32:in `create'"
},
{
"id": 2,
"trace": "actionpack (5.0.0.1) lib/action_controller/metal/basic_implicit_render.rb:4:in `send_action'"
},
{
"id": 3,
"trace": "actionpack (5.0.0.1) lib/abstract_controller/base.rb:188:in `process_action'"
},
.....
}
Log looks like this
Started POST "/users/" for 127.0.0.1 at 2016-10-19 02:37:15 -0400
Processing by Devise::RegistrationsController#create as JSON
Parameters: {"email"=>"gabanimillin#gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}
(0.1ms) begin transaction
(0.0ms) rollback transaction
Completed 406 Not Acceptable in 2ms (ActiveRecord: 0.1ms)
ActionController::UnknownFormat (ActionController::UnknownFormat):
responders (2.3.0) lib/action_controller/respond_with.rb:207:in `respond_with'
devise (4.2.0) app/controllers/devise/registrations_controller.rb:32:in `create'
actionpack (5.0.0.1) lib/action_controller/metal/basic_implicit_render.rb:4:in `send_action'
actionpack (5.0.0.1) lib/abstract_controller/base.rb:188:in `process_action'
actionpack (5.0.0.1) lib/action_controller/metal/rendering.rb:30:in `process_action'
actionpack (5.0.0.1) lib/abstract_controller/callbacks.rb:20:in `block in process_action'
.....
As far as I can see, my code in user_controller should work
app/controllers/api/v1/user_controller.rb
class Api::V1::UsersController < ApplicationController
respond_to :json
def show
respond_with User.find(params[:id])
end
def create
user = User.new(user_params)
if user.save
render json: user, status: 201, location: [:api, user]
else
render json: { errors: user.errors }, status: 422
end
end
private
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
end
config/routes.rb
require 'api_constraints'
Rails.application.routes.draw do
devise_for :users
# Api definition
namespace :api, defaults: { format: :json }, constraints: { subdomain: 'api' }, path: '/' do
scope module: :v1, constraints: ApiConstraints.new(version: 1, default: true) do
resources :users, :only => [:show, :create]
end
end
end
My spec file looks like
spec/controllers/api/v1
require 'rails_helper'
RSpec.describe Api::V1::UsersController, type: :controller do
before(:each) { request.headers['Accept'] = "application/vnd.traveltime_test.v1"}
describe "GET #show" do
before(:each) do
#user = FactoryGirl.create :user
get :show, params: {id: #user.id}, format: :json
end
it "returns the information about a reporter on a hash" do
user_response = JSON.parse(response.body, symbolize_names: true)
expect(user_response[:email]).to eql #user.email
end
it "respond is successful" do
expect(response.status).to eql 200
end
end
describe "POST #create" do
before(:each) do
#user_attributes = FactoryGirl.create :user
post :create, {user: #user_attributes}, format: :json
end
it "returns json body for the user just created" do
end
end
end
This is what I get once I run the test
F
Failures:
1) Api::V1::UsersController POST #create returns json body for the user just created
Failure/Error: params.require(:user).permit(:email, :password, :password_confirmation)
NoMethodError:
undefined method `permit' for "1":String
Did you mean? print
# ./app/controllers/api/v1/users_controller.rb:19:in `user_params'
# ./app/controllers/api/v1/users_controller.rb:8:in `create'
# /Users/GabBook/.rvm/gems/ruby-2.3.0/gems/devise-4.2.0/lib/devise/test/controller_helpers.rb:33:in `block in process'
# /Users/GabBook/.rvm/gems/ruby-2.3.0/gems/devise-4.2.0/lib/devise/test/controller_helpers.rb:100:in `catch'
# /Users/GabBook/.rvm/gems/ruby-2.3.0/gems/devise-4.2.0/lib/devise/test/controller_helpers.rb:100:in `_catch_warden'
# /Users/GabBook/.rvm/gems/ruby-2.3.0/gems/devise-4.2.0/lib/devise/test/controller_helpers.rb:33:in `process'
# ./spec/controllers/api/v1/users_controller_spec.rb:25:in `block (3 levels) in <top (required)>'
Finished in 0.05922 seconds (files took 1.18 seconds to load)
3 examples, 1 failure
Failed examples:
rspec ./spec/controllers/api/v1/users_controller_spec.rb:28 # Api::V1::UsersController POST #create returns json body for the user just created
The problem is your POSTMAN parameters.
You posted:
{ "email" => "email", "password" => "password }
Whereas the your controller expects the following params:
{ "user" => { "email" => "email", "password" => "password" } }
As described by your params sanitizer:
params.require(:user).permit(:email, :password, :password_confirmation)
change it
before(:each) do
#user_attributes = FactoryGirl.create :user
post :create, {user: #user_attributes}, format: :json
end
for this
before(:each) do
#user_attributes = FactoryGirl.create :user
post :create, params: {user: #user_attributes}, format: :json
end
I'm building a video marketplace where members can buy videos.
However I'm struggling to create the order so that it has the video_id, member_id and price.
This is my code:
Video model:
has_many :members, through: :orders
has_many :orders
accepts_nested_attributes_for :orders
Member model:
has_many :orders
has_many :videos, through: :orders
accepts_nested_attributes_for :orders
Order model:
attr_accessible :price, :stripe_card_token, :member_id, :video_id
belongs_to :video
belongs_to :member
accepts_nested_attributes_for :video
accepts_nested_attributes_for :member
validates :member_id, presence: true
validates :video_id, presence: true
validates :price, presence: true
attr_accessor :stripe_card_token
def save_with_stripe
video = #video.find_by_id(params[:id])
member = #member.find_by_id(params[:id])
if valid?
#order = Stripe::Charge.create(
amount: video.price,
currency: "gbp",
card: stripe_card_token,
description: member.email
)
save!
end
rescue
errors.add :base, "There was a problem with Stripe"
end
Orders Controller:
def new
#order = Order.new
build_order
end
def create
#order = Order.new(params[:order])
if #order.save_with_stripe
flash[:success] = "Enjoy the video!"
else
render partial: 'shared/buynow'
end
end
def build_order
#order.build_member(
member_id: #member.id,
video_id: #video.id,
price: #video.price,
)
end
I think my issue is somewhere in the "build_order" method, but I've tried various different ways and end up with various different errors.
It works in my console:
[221] pry(main)> Order.create(member_id: "36", video_id: "99", price: "1000")
(0.2ms) BEGIN
SQL (0.6ms) INSERT INTO "orders" ("created_at", "member_id", "price", "stripe_card_token", "updated_at", "video_id") VALUES ($1, $2, $3, $4, $5, $6) RETURNING "id" [["created_at", Fri, 18 Oct 2013 14:50:09 UTC +00:00], ["member_id", 36], ["price", 1000], ["stripe_card_token", nil], ["updated_at", Fri, 18 Oct 2013 14:50:09 UTC +00:00], ["video_id", 99]]
(0.5ms) COMMIT
=> #<Order id: 3, video_id: 99, member_id: 36, stripe_card_token: nil, price: 1000, created_at: "2013-10-18 14:50:09", updated_at: "2013-10-18 14:50:09">
Any help on what I'm doing wrong would be greatly appreciated.
Cheers,
Mark
Why are you trying to build a member object through the order? Looks like you already have the member and video, so why not just pass the same hash of values in to the call to new?
e.g.
#order = Order.new(member_id: #member.id, video_id: #video.id, price: #video.price)
I am trying to get some controller tests passing but when they hit the update and delete action, CanCan keeps throwing the Access Denied error despite being set in the abilities. These errors only seem to occur for members, as admins work fine.
Abilities.rb
def initialize(user)
if user.has_role? :admin
can :manage, :all
elsif user.has_role? :member
can :manage, PaymentMethod, :user_id => user.id
end
end
User_Factory
FactoryGirl.define do
factory :user do
sequence(:first_name) { |n| "John_#{n}" }
sequence(:last_name) { |n| "Rambo_#{n}" }
sequence(:email) { |n| "john_rambo_#{n}#example.com" }
sequence(:username) { |n| "john_rambo_#{n}" }
date_of_birth "03/12/1982"
password 'password'
password_confirmation 'password'
picture_url File.open('spec/support/pictures/test.png')
address
factory :member do
sequence(:last_name) { |n| "Member_#{n}" }
roles :member
end
end
end
Controller_Spec.rb
describe "PUT /api/users/:user_id/payment_method/:id" do
before(:each) do
#user = FactoryGirl.create(:member)
sign_in_user #user
#payment_method = FactoryGirl.create(:credit_card, {:user_id => #user.id})
end
it "updates a users payment method" do
attr_to_change = {
brand: "mastercard",
user_id: #user.id,
id: #payment_method.id
}
put :update, attr_to_change
response.status.should == 200
JSON.parse(response.body)["payment_method"]["brand"]
.should == "mastercard"
end
end
describe "DELETE /api/users/:user_id/payment_methods/:id" do
before(:each) do
#user = FactoryGirl.create(:member)
sign_in_user #user
#payment_method = FactoryGirl.create(:credit_card, {:user_id => #user.id})
end
it "destroys a users payment method" do
delete :destroy, {:user_id => #user, :id => #payment_method.id}
response.status.should == 200
end
end
Controller
class Api::PaymentMethodsController < Api::ApiController
before_filter :clean_params, only: [:update, :create]
def index
#user = User.find(params["user_id"])
render json: #user.payment_methods
end
def update
pm_id = params.delete("id")
params.delete("user_id")
#payment_method = PaymentMethod.find(pm_id)
if #payment_method.update_attributes(params)
return render status: 200, json: #payment_method, root: :payment_method
else
return render status: 422, json: {success: false, errors: #payment_method.errors.full_messages.map{|error|{error: error}}}
end
end
def create
#payment_method = PaymentMethod.create_payment_method(params)
if #payment_method
render json: #payment_method, root: :payment_method
else
return render status: 422, json: {success: false, errors: #payment_method.errors.full_messages.map{|error|{error: error}}}
end
end
def destroy
#payment_method = PaymentMethod.find(params["id"])
if #payment_method.destroy
return render status: 200, json: {:message => "PaymentMethod Destroyed"}
else
return render status: 422, json: {success: false, errors: #payment_method.errors.full_messages.map{|error|{error: error}}}
end
end
def clean_params
["controller", "action"].each do |delete_me|
params.delete(delete_me)
end
params
end
end
ApiController
class Api::ApiController < ApplicationController
before_filter :authenticate_user!
load_and_authorize_resource
rescue_from CanCan::AccessDenied do |exception|
return render :status => 401, :json => {:success => false, :errors => [exception.message]}
end
end
Result of calling the delete action in the test:
delete :destroy, {:user_id => #user, :id => #payment_method.id}
#<ActionController::TestResponse:0x007fb999cf0080
#blank=false,
#block=nil,
#body=
["{\"success\":false,\"errors\":[\"You are not authorized to access this page.\"]}"],
#cache_control={},
#charset="utf-8",
#content_type=application/json,
#etag=nil,
#header={"Content-Type"=>"application/json; charset=utf-8"},
#length=0,
#request=
The other actions seem to work but for Update and Destroy, I keep getting that AccessDenied error. Any idea what I could be doing wrong?
Your ApiController appears to be namespaced, you'll need to change the before_filter to the following:
before_filter :authenticate_api_user!
Then, you need to adjust Cancan to use the current_api_user instead of current_user:
def current_ability
#current_ability ||= ::Ability.new(current_api_user)
end
These links will help:
http://rubydoc.info/github/plataformatec/devise/master/Devise/Controllers/Helpers
https://github.com/ryanb/cancan/issues/656
http://mikepackdev.com/blog_posts/12-managing-devise-s-current-user-current-admin-and-current-troll-with-cancan
I am calling this js from a link:
function createNewTopLevelEntry(){
var user_id = $("#user").val();
var header = prompt("Enter the name");
$.ajax( '/users/' + user_id + '/entries', {
data: {
entry: { header: header,
user: user_id } },
type: 'POST',
cache: false,
dataType: 'json',
success: displayTopLevelEntries
});
}
It hits this controller:
def create
#entry = Entry.new(params[:entry])
respond_to do |format|
if #entry.save
format.html { redirect_to #entry, notice: 'Entry was successfully created.' }
format.json { render json: #entry, status: :created, location: #entry }
else
format.html { render action: "new" }
format.json { render json: #entry.errors, status: :unprocessable_entity }
end
end
end
This is the response on the server:
Started POST "/users/1/entries" for 127.0.0.1 at 2013-03-25 21:50:36 -0700
Processing by EntriesController#create as JSON
Parameters: {"entry"=>{"header"=>"Hi", "user"=>"1"}, "user_id"=>"1"}
(0.1ms) begin transaction
SQL (0.5ms) INSERT INTO "entries" ("completed", "created_at", "endtime", "header", "parent", "starttime", "starttimeset", "text", "totaltime", "updated_at", "user") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) [["completed", nil], ["created_at", Tue, 26 Mar 2013 04:50:36 UTC +00:00], ["endtime", nil], ["header", "Hi"], ["parent", nil], ["starttime", nil], ["starttimeset", nil], ["text", nil], ["totaltime", nil], ["updated_at", Tue, 26 Mar 2013 04:50:36 UTC +00:00], ["user", "1"]]
(2.5ms) commit transaction
Completed 500 Internal Server Error in 10ms
NoMethodError - undefined method `entry_url' for #<EntriesController:0x007fb22b9f7fd8>:
(gem) actionpack-3.2.11/lib/action_dispatch/routing/polymorphic_routes.rb:129:in `polymorphic_url'
(gem) actionpack-3.2.11/lib/action_dispatch/routing/url_for.rb:150:in `url_for'
(gem) actionpack-3.2.11/lib/action_controller/metal/rendering.rb:60:in `_process_options'
(gem) actionpack-3.2.11/lib/action_controller/metal/streaming.rb:208:in `_process_options'
(gem) actionpack-3.2.11/lib/action_controller/metal/renderers.rb:34:in `block in _handle_render_options'
What is the entry_url? Why is it looking for it? Do i need to include something in the model. Its just has attr_accessors for the vars.
class Entry < ActiveRecord::Base
attr_accessible :completed, :endtime, :header, :starttime, :starttimeset, :totaltime, :user, :text, :parent
end
Heres is my routes file:
Tasks::Application.routes.draw do
match '/users/:id/projects' => 'users#show_projects_for_user'
authenticated :user do
root :to => 'home#index'
end
root :to => "home#index"
devise_for :users
resources :users do
resources :entries
end
end
Thanks for the help.
The entry_url is what it's asking you to redirect to when you say redirect_to #entry
You don't have an entries resource in the routes file. You do have one nested within user, but then you need to pass as well as the entry.
redirect_to [ #user, #entry ]
just saw your comment - if it's doing this on the JSON path similarly you need to have
location: [#user, #entry]
Basically anywhere you're asking rails to build a url for an entry you need to pass the entry's user in because you have entry nested within user in the routes and not as a standalone resource routing.
Adding an edit to respond to the comment because there's no formatting in comments:
Yes, this it will work to delete the location as it will no longer call the helper to build that location in the json, but I am presuming you want that. So try this to make the location work:
format.json { render json => { :entry => #entry, :status => created, :location => [#user, #entry] }}
from your comment... if that's not working then let's try calling the url helper directly
format.json { render json => { :entry => #entry, :status => created, :location => user_entry_url(#user, #entry) }}
If you are using Rails3, this might case because with rails3, the url has become path
Ex:
#rails2
entry_url
#rails3
entry_path
So try entry_path instead of entry_url