In my rails app, I am creating an object "Organization" and two sub-objects "User" and "Settings" in a nested form. When I run the form I get the error:
WARNING: Can't mass-assign protected attributes: user
I had previously had this problem on another project and discovered I needed the
#organization.users.build
in organizations_controller/new. In order to have the sub-objected added to and create a a sub-object on submittal of the form.
organization.rb
class Organization < ActiveRecord::Base
attr_accessible :org_name, :address1, :address2, :city, :state, :postal_code, :country, :logo_image, :setting_id, :active, :status_image, :users_attributes, :setting_attributes
has_many :users, :dependent => :destroy
has_one :setting, :dependent => :destroy
accepts_nested_attributes_for :users
accepts_nested_attributes_for :setting
end
user.rb
class User < ActiveRecord::Base
attr_accessible :email, :password, :password_confirmation, :name_first, :name_last, :admin, :notes, :current_outstanding, :pin, :registered, :sms, :super_user, :organization_id
belongs_to :organization
end
setting.rb
class Setting < ActiveRecord::Base
attr_accessible :green_hours, :green_mins, :yellow_hours, :yellow_mins, :red_hours, :red_mins, :reminder_sms, :reminder_sms_hours, :reminder_sms_mins, :logo_url, :comp_name, :alert_emails, :alert_smss, :history_hours, :time_zone, :user_id, :organization_id
belongs_to :organization
end
organizations_controller.rb
class OrganizationsController < ApplicationController
def new
#organization = Organization.new
#organization.build_setting
#organization.users.build
respond_to do |format|
format.html { render :layout => 'application_dashboard_orgs' }
format.json { render json: #organization }
end
end
def create
#organization = Organization.new(params[:organization])
respond_to do |format|
if #organization.save
format.html { redirect_to organizations_path, notice: 'Organization was successfully created.' }
format.json { render json: #organization, status: :created, location: #organization }
else
format.html { render action: "new" }
format.json { render json: #organization.errors, status: :unprocessable_entity }
end
end
end
end
organizations/_form.html.erb
<%= form_for(#organization) do |f| %>
<div class="Col1">
<div class="MenuItem"><div class="MenuItemLabel">Account Name:</div> <%= f.text_field :org_name %></div>
<div class="MenuItem"><div class="MenuItemLabel">Address Line 1:</div> <%= f.text_field :address1 %></div>
<div class="MenuItem"><div class="MenuItemLabel">Address Line 2:</div> <%= f.text_field :address2 %></div>
<div class="MenuItem"><div class="MenuItemLabel">City:</div> <%= f.text_field :city %></div>
<div class="MenuItem"><div class="MenuItemLabel">State:</div> <%= f.text_field :state %></div>
<div class="MenuItem"><div class="MenuItemLabel">Postal Code:</div> <%= f.text_field :postal_code %></div>
<div class="MenuItem"><div class="MenuItemLabel">Country:</div> <%= f.text_field :country %></div>
<div class="MenuItem"><div class="MenuItemLabel">Logo Image:</div> <%= f.file_field :logo_image %></div>
<div class="MenuItem"><div class="MenuItemLabel">Active Account?</div> <%= f.check_box :active %></div>
</div>
<div class="Col2">
<div class="MenuItem"><div class="MenuItemLabel"><b>Administrator Account</b></div></div>
<%= f.fields_for :user do |user| %>
<div class="MenuItem"><div class="MenuItemLabel">First Name:</div> <%= user.text_field :name_first %></div>
<div class="MenuItem"><div class="MenuItemLabel">Last Name:</div> <%= user.text_field :name_last %></div>
<div class="MenuItem"><div class="MenuItemLabel">Email Address:</div><%= user.text_field :email %></div>
<div class="MenuItem"><div class="MenuItemLabel">PIN:</div><%= user.password_field :password, :id => "password_field", :onchange => "add_pin()" %></div>
<div class="MenuItem"><div class="MenuItemLabel">PIN Confirmation:</div><%= user.password_field :password_confirmation %> </div>
<div class="MenuItem"><div class="MenuItemLabel">SMS Reminder Phone #:</div><%= user.text_field :sms %> </div>
<div class="MenuItem"><div class="MenuItemLabel">Is Administrator:</div> <%= user.check_box :admin, {checked: true} %></div>
<div class="MenuItem"><div class="MenuItemLabel">Password Setup?</div> <%= user.check_box :registered %></div>
<% end %>
<%= f.fields_for :setting do |setting| %>
<%= setting.hidden_field :green_hours, :value => params[99] %>
<%= setting.hidden_field :green_mins, :value => params[59] %>
<%= setting.hidden_field :yellow_hours, :value => params[0] %>
<%= setting.hidden_field :yellow_mins, :value => params[15] %>
<%= setting.hidden_field :red_hours, :value => params[0] %>
<%= setting.hidden_field :red_mins, :value => params[0] %>
<%= setting.hidden_field :reminder_sms, :value => params[true] %>
<%= setting.hidden_field :reminder_sms_hours, :value => params[0] %>
<%= setting.hidden_field :reminder_sms_mins, :value => params[15] %>
<%= setting.hidden_field :history_hours, :value => params[24] %>
<% end %>
<div class="MenuItem">
<%= flash[:notice] %> <br />
<%= f.submit "Save Settings" %> <!--<input type="reset" value="Reset" /> -->
</div>
<div class="clr"></div>
</div>
<%= f.fields_for :user do |user| %>
should be
<%= f.fields_for :users do |user| %>
I think what you want to do is use a form backed object. Jeff Dean has a good blog post on this at http://pivotallabs.com/users/jdean/blog/articles/1706-form-backing-objects-for-fun-and-profit
Your error indicates that you don't have the ability to set the "user" attribute when you try to save your organization. Try adding :user and :setting to your attr_accessible line in organization.rb
Related
I am making a polymorphic association with devise and simple for but for some reason i cant get the params to work
here is my code:
User:
class User < ActiveRecord::Base
devise :database_authenticatable,
:rememberable, :trackable, :validatable
belongs_to :loginable, polymorphic: true
end
Designer:
class Designer < ActiveRecord::Base
has_one :user, as: :loginable
accepts_nested_attributes_for :user
end
Layout:
<%= simple_form_for [:admin, #designer] , :html => { :class => 'form-horizontal' } do |f| %>
<% if f.error_notification %>
<div class="alert alert-error fade in">
<a class="close" data-dismiss="alert" href="#">×</a>
<%= f.error_notification %>
<% if #designer.errors.any? %>
<ul>
<% #designer.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
<% end %>
</div>
<% end %>
<div class="control-group">
<%= f.label :profile_name, :class => 'control-label' %>
<div class="controls">
<%= f.text_field :profile_name, :class => 'text_field' %>
</div>
</div>
<%= f.simple_fields_for users do |u| %>
<div class="control-group">
<%= u.label :email, :class => 'control-label' %>
<div class="controls">
<%= u.text_field :email, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= u.label :password, :class => 'control-label' %>
<div class="controls">
<%= u.password_field :password, :class => 'text_field' %>
</div>
</div>
<div class="control-group">
<%= u.label :type, :class => 'control-label' %>
<div class="controls">
<%= u.input :role, :label => false do %>
<%= u.select :role_id, Role.all.map { |r| [r.name, r.id] } %>
<% end %>
</div>
</div>
<div class="control-group">
<%= u.label :firstname, :class => 'control-label' %>
<div class="controls">
<%= u.text_field :firstname, :class => 'text_field' %>
</div>
</div>
<% end %>
<div class="form-actions">
<%= f.submit nil, :class => 'btn btn-primary' %>
</div>
<% end %>
Controller:
def create
#user = User.new(designer_params)
#designer = Designer.new(designer_params)
#user.loginable = #designer
respond_to do |format|
if #user.save! && #designer.save!
format.html { redirect_to admin_designers_path, notice: 'Designer was successfully created.' }
format.json { render action: 'show', status: :created, location: admin_designer_path(#designer) }
else
format.html { render action: 'new' }
format.json { render json: [designer: #designer.errors, user: #user.errors], status: :unprocessable_entity }
end
end
end
def designer_params
params.permit(:profile_name, :user, user_attributes: [:email, :password, :password, :firstname, :lastname, :address, :postalcode, :city, :country, :role, :role_id])
end
My params seems to ignore the user attributes, i only see profile name for some reason.
Any ideas on how to fix this would be greatly appreciated
Thanks!
I managed to resolve my own issues. so i am posting the answer hoping to save someone else lots of time.
i ended up creating another private method for the user params
def designer_params
params.require(:designer).permit(:profile_name, user_attributes: [:email, :password, :password, :firstname, :lastname, :address, :postalcode, :city, :country, :role, :role_id])
end
def user_params
params[:designer][:user_attributes].permit(:email, :password, :password, :firstname, :lastname, :address, :postalcode, :city, :country, :role, :role_id)
end
and then using those to create my relationship
def create
#designer = Designer.new(designer_params)
#user = User.new(user_params)
#user.loginable = #designer
#designer.save!
end
also if you are having trouble viewing the nested form make sure to use the
build_ method
def new
#designer = Designer.new
#user = #designer.build_user
end
I am trying to get a Project form to build the first (starting) time of several (up to 12) volunteer time blocks.
project.rb
class Project < ActiveRecord::Base
attr_accessible :title, ...
has_many :vol_times, :dependent => destroy
accepts_nested_attributes_for :vol_times, :reject_if => lambda { |a| a[:start_time].blank? }, :allow_destroy => true
...
end
vol_time.rb
class Vol_time < ActiveRecord::Base
attr_accessible :start_time, ...
belongs_to :project
end
ProjectsController
class ProjectsController < ApplicationController
before_filter :signed_in_user, only: :create
...
def new
#project = Project.new
#user = current_user
#project.vol_times.build
end
...
end
Vol_Times Controller
class Vol_TimesController < ApplicationController
def new
#reward = Reward.new
end
...
end
My view looks like this...
<%= form_for(#project) do |f| %>
<div class="form_field_block">
<p class="form_label"> Project Title</p>
<%= f.text_field :title, :size => 40, :placeholder => " Project Title...", :class => "frm" %>
</div>
<div class="form_field_block">
<p class="form_label"> Project Sub-title</p>
<%= f.text_field :sub_title, :size => 40, :placeholder => " Project Sub-title...", :class => "frm" %>
</div>
<p class="clearing"></p>
<div class="form_field_block">
<% f.fields_for :vol_times do |builder| %>
<%= render :partial => 'start_time', :f => builder %>
<% end %>
</div>
<p class="clearing"></p>
<%= button_tag "btn_start_project.png", :class => "btn_save" %>
<% end %>
And the _partial looks like this...
<%= f.label :start_time, "Starting Time" %>
<%= f.text_field :start_time %>
When I view the page, I see the containing <div>, but not the contents of the ERB, which should be parsed from the _partial.
Any ideas why this isn't working? I got the general context from Ryan Bates' RailsCast #196 - Here
you are missing a = on the fields_for. It should be
<%= f.fields_for :vol_times do |builder| %>
I have succsfuly set up an image upload with the carrierwave gem.
but when I try to add an optional online url like so:
<%= form_for #rating, :html => {:multipart=>true} do |f| %>
<div class="field">
<%= f.file_field :pic_url %>
</div>
<div class="field">
<%= f.label :remote_pic_url_url, 'or image url' %>
<br/>
<%= f.text_field :remote_pic_url_url %>
</div>
<div class="actions">
<%= f.submit 'Upload Picture', :class => 'btn btn-primary' %>
</div>
<% end %>
then I get this error:
Can't mass-assign protected attributes:
my model is
class Rating < ActiveRecord::Base
attr_accessible :pic_url, :rating
mount_uploader :pic_url , ImageUploader
end
You need to be able to mass-assign the remote_pic_url_url attribute:
class Rating < ActiveRecord::Base
attr_accessible :pic_url, :remote_pic_url_url, :rating
mount_uploader :pic_url , ImageUploader
end
I'm using nested_attributes and trying to implement the add/remove fields on-the-fly throu ajax following Ryan Bates screencast about Nested Model (#196)
Doing this, it won't work, but when removing the "link_to_add_fields" line, it works fine.
The problem is that I'm don't know if I doing this all associations right.
<%= form_for(#item) do |f| %>
<% if #item.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(#item.errors.count, "error") %> prohibited this item from being saved:</h2>
<ul>
<% #item.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :title %><br />
<%= f.text_field :title %>
</div>
<div class="field">
<%= f.label :item_type_id %><br />
<%= f.select :item_type_id, #item_types.collect { |p| [ p.title, p.id ]} %>
<br />
<%= f.fields_for :item_parts do |parts_form| %>
<%= render "item_part_fields", :p => parts_form %>
<% end %>
</div>
<%= link_to_add_fields "Add Part", f, :part %>
<div class="actions">
<%= button_for "Save Item", :class => 'positive pill button', :button_type => 'submit' %>
</div>
<% end %>
Actually my models are:
"ItemPart" model:
class ItemPart < ActiveRecord::Base
belongs_to :item
belongs_to :part
end
"Item" model:
class Item < ActiveRecord::Base
belongs_to :item_type
has_many :item_parts
has_many :parts, :through => :item_parts
accepts_nested_attributes_for :item_parts, :allow_destroy => true
after_save :save_id
validates :title, :presence => true
def save_id
item_part_attributes = [ { :item_id => self.id } ]
end
end
"Part" model:
class Part < ActiveRecord::Base
has_one :part_type
has_many :item_parts
has_many :items, :through => :item_parts
end
The error I'm getting doing this way:
undefined method `klass' for nil:NilClass
Extracted source (around line #26):
23: <%= render "item_part_fields", :p => parts_form %>
24: <% end %>
25: </div>
26: <%= link_to_add_fields "Add Part", f, :item %>
27: <div class="actions">
Application trace
app/helpers/application_helper.rb:44:in `link_to_add_fields'
app/views/items/_form.html.erb:26:in `block in _app_views_items__form_html_erb__1418129287024756954_2169222480__3228169100620818569'
app/views/items/_form.html.erb:1:in `_app_views_items__form_html_erb__1418129287024756954_2169222480__3228169100620818569'
app/views/items/edit.html.erb:3:in `_app_views_items_edit_html_erb___1857878264245794505_2169270380_890290209246324491'
Application_helper.rb
def link_to_add_fields(name, f, association)
new_object = f.object.class.reflect_on_association(association).klass.new # error line :44
fields = f.fields_for(association, new_object, :child_index => "new_#{association}") do |builder|
render(association.to_s.singularize + "_fields", :f => builder)
end
link_to_function(name, "add_fields(this, '#{association}', '#{escape_javascript(fields)}')" )
end
After hours and hours doing tests and googling a lot, I get it finally solved.
Seems that I'd to use the same local variable name to render the partial used for the form_for and then use it again as a helper method parameter needed. (In this case, "f" variable.)
I pasting the cleaning working code below
<%= form_for(#item) do |f| %>
<p>
<%= f.label :title %><br />
<%= f.text_field :title %>
</p>
<p>
<%= f.label :item_type_id %><br />
<%= f.select :item_type_id, #item_types.collect { |p| [ p.title, p.id ]} %><br />
</p>
<p>
<%= f.fields_for :item_parts do |parts_form| %>
<%= render "item_part_fields", :f => parts_form %>
<% end %>
</p>
<p><%= link_to_add_fields "Add Part", f, :item_parts %></p>
<p><%= button_for "Save Item", :class => 'positive pill button', :button_type => 'submit' %></p>
<% end %>
Hope this going to help someone someday :)
There is a mistake in your add more button. This should be,
<p><%= link_to_add_fields "Add Part", f, :item_parts %></p>
The association name should be the table name on which have many relation is.
I'm using devise for my user registrations and I'd like to have a separate edit path for user's to change/update their passwords. I've pulled the devise registrations views out and created a separate registrations controller like described in Railscast 236
I've tried creating a new action called change_password in the registrations controller but when I try to set the route with match '/change_password', to => 'registrations#change_password' I get an AbstractController::Actions Not Found
registrations controller
class RegistrationsController < Devise::RegistrationsController
def create
super
session[:omniauth] = nil unless #user.new_record?
end
def destroy
resource.destroy
set_flash_message :notice, :destroyed
sign_out_and_redirect(self.resource)
end
def change_password
render_with_scope :edit
end
private
def build_resource(*args)
super
if session[:omniauth]
#user.apply_omniauth(session[:omniauth])
#user.valid?
end
end
routes.rb
match 'auth/:provider/callback' => 'authentications#create'
resources :authentications
devise_for :users, :controllers => {:registrations => 'registrations'}
resources :posts do
member do
get :likers
end
collection do
get :search
end
end
resources :relationships, :only => [:create, :destroy]
resources :appreciations, :only => [:create, :destroy]
root :to => "pages#home"
match '/contact', :to => 'pages#contact'
match '/about', :to => 'pages#about'
match '/help', :to => 'pages#help'
match '/blog', :to => 'pages#blog'
resources :users do
member do
get :following, :followers, :likes
end
resources :collections
end
end
views/registrations/change_password.html.erb
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :validate => true,
:html => { :method => :put }, :html => {:multipart => true}) do |f| %>
<%= devise_error_messages! %>
<p><strong>To change password, otherwise leave blank.</strong></p>
<p><%= f.label :current_password %> <i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :current_password %></p>
<p><%= f.label :password, "New password" %> <br />
<%= f.password_field :password %></p>
<p><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %></p>
</div><br />
<p><%= f.submit "Update" %></p>
<% end %>
Try to pass match .. in the block of devise_for helper:
devise_for :users, :controllers => {:registrations => 'registrations'} do
match '/change_password', to => 'registrations#change_password'
end
I found this to be the easiest way to split the user edit form into edit & account
Originally I had
:name,
:email,
:avatar,
:location,
:website,
:bio,
:password (all in one form)
ROUTES (this provides route:
account_user GET /users/:id/account(.:format) users#account)
resources :users do
member do
get :following, :followers, :account
end
end
USERS_CONTROLLER.RB
before_filter :signed_in_user, only: [:index, :edit, :update, :destroy, :following, :followers, :account]
before_filter :correct_user, only: [:edit, :update, :account]
def edit
#user = User.find(params[:id])
end
def account
#title = "Account"
#user = User.find(params[:id])
end
def update
if #user.update_attributes(params[:user])
flash[:success] = "Profile updated"
sign_in #user
redirect_to #user
elsif #title = "Account"
render 'account'
else
render 'edit'
end
end
(split form views)
EDIT.HTML.ERB
<%= form_for #user, :html => { :multipart => true } do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<%= f.label :name %>
<%= f.text_field :name %>
<%= f.label :avatar %><br />
<%= f.file_field :avatar %>
<%= f.label :location %>
<%= f.text_field :location %>
<%= f.label :website %>
<%= f.text_field :website %>
<%= f.label :bio %>
<%= f.text_area :bio, placeholder: "About yourself in 160 characters or less..." %>
<%= f.submit "Update Profile", class: "btn btn-medium btn-primary" %>
<% end %>
ACCOUNT.HTML.ERB
<%= form_for #user, :html => { :multipart => true } do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<%= f.label :email %>
<%= f.text_field :email %>
<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation, "Confirm Password" %>
<%= f.password_field :password_confirmation %>
<%= f.submit "Update Account", class: "btn btn-medium btn-primary" %>
<% end %>
SIDE NAV BAR INSIDE OF EDIT AND ACCOUNT VIEWS, SO THE USER HAS ACCESS TO EDIT AND ACCOUNT FORM
<ol class="nav nav-tabs nav-stacked">
<% #user ||= current_user %>
<li>
<a href="<%= edit_user_path(#user) %>">
Profile
<i class="icon-chevron-right"></i>
</a>
</li>
<li>
<a href="<%= account_user_path(#user) %>">
Account
<i class="icon-chevron-right"></i>
</a>
</li>
</ol>