Databases
StackOverflow2013
Postsdbo
POMass-assignement error in fields_for form using Devise user with multiple roles
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POMass-assignement error in fields_for form using Devise user with multiple roles
    primarykey
    data
    text
    <p>I looked on plenty of issues related to mass-assignement in nested attributes but none of them helped me out...</p> <p>I am using Devise and have one <code>User</code> model with different types, as the <code>Client</code> one:</p> <pre><code>class User &lt; ActiveRecord::Base attr_accessible :email, :name, :password, :password_confirmation, :remember_me, :rolable_type belongs_to :rolable, :polymorphic =&gt; true accepts_nested_attributes_for :rolable end class Client &lt; ActiveRecord::Base has_one :user, :as =&gt; :rolable attr_accessible :specialty, :address end </code></pre> <p>I have the following form for creating a new user with the client type and client attributes and which is working:</p> <pre><code>[...] resource.rolable = child_class_name.constantize.new if resource.rolable.nil? &lt;%= form_for(resource, :as =&gt; resource_name, :url =&gt; registration_path(resource_name)) do |f| %&gt; [...] &lt;% # customized code begin %&gt; &lt;%= fields_for resource.rolable do |rf| %&gt; &lt;% if rolable_type == 'client' %&gt; &lt;div&gt;&lt;%= rf.label :specialty %&gt;&lt;br /&gt; &lt;%= rf.text_field :specialty %&gt;&lt;/div&gt; [...] &lt;% end %&gt; &lt;% end %&gt; &lt;%= hidden_field :user, :rolable_type, :value =&gt; rolable_type %&gt; &lt;% # customized code end %&gt; [...] &lt;div&gt;&lt;%= f.submit "Sign up" %&gt;&lt;/div&gt; &lt;% end %&gt; </code></pre> <p>I have the following for editing the same user and which is not working: I am getting the following error : <code>ActiveModel::MassAssignmentSecurity::Error in UsersController#update</code> : <code>Can't mass-assign protected attributes: client</code></p> <pre><code> &lt;%= form_for(@user) do |f| %&gt; &lt;%= render 'shared/error_messages', object: f.object %&gt; [...] &lt;% f.fields_for(@user.rolable) do |rf| -%&gt; &lt;div&gt;&lt;%= rf.label :specialty %&gt;&lt;br /&gt; &lt;%= rf.text_field :specialty %&gt;&lt;/div&gt; &lt;div&gt;&lt;%= rf.label :address %&gt;&lt;br /&gt; &lt;%= rf.text_field :address %&gt;&lt;/div&gt; &lt;% end %&gt; [...] </code></pre> <p>Here is my <code>UsersController</code>update action:</p> <pre><code> def update @user = User.find(params[:id]) if @user.update_attributes(params[:user]) flash[:success] = "Profile updated" sign_in @user redirect_to @user else render 'edit' end end </code></pre>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. USCœur
    1. USlgerard
    plurals
    1. PL
      singulars
      1. LTLinked
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. COthe weirdest thing is that I still run into a `mass-assignement error` even when I set `config.active_record.whitelist_attributes = false`....
      singulars
      1. POMass-assignement error in fields_for form using Devise user with multiple roles
      1. USlgerard
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload