1

I have a from created in Ruby on rails. The code the form looks like this:

<%= simple_form_for(@action) do |f|%>
    <%= render 'shared/error_messages' %>

    <%=f.label :action_name, "Action name"%>
    <%=f.text_field :action_name%></br>

    <%=f.input :startDate,:as => :datetime_picker, :label =>"Start date"%>
    <%=f.input :endDate,:as => :datetime_picker, :label =>"End date"%>

    <%=f.label :contentURL, "Content url"%>
    <%=f.text_field :contentURL%></br>
<%= f.button :submit, class: "btn btn-large btn-primary" %>

    <%end%>

But when I click the submit button I get this error:

undefined method `permit' for "create":String

def action_params
    params.require(:action).permit(:action_name, :startDate,:endDate,:contentURL)

All other forms a working ok, I guess it is something really obvious, just can't see it :( I really appreciate any help, solving this problem.

Thanks!!

EDIT:

Controller code:

def create
action = Action.new(action_params)
if @action.save
    flash[:success] = "New Action saved"
    redirect_to "/"
  else
    render 'new'
  end


 end

 private

 def action_params
     params.require(:action).permit(:action_name, :startDate,:endDate,:contentURL)
 end
Improve this question
2
  • this is the error of strong parameter, you will declare here params which you want to access or permit.... can you put your controller code here Commented Jan 3, 2014 at 15:12
  • Added controller code Commented Jan 3, 2014 at 16:29

1 Answer 1

Reset to default
1

In Rails 4, you must use Strong Parameters in your controllers. Here's some explanation from the official blog. And some example:

class PeopleController < ActionController::Base
  # This will raise an ActiveModel::ForbiddenAttributes exception because it's using mass assignment
  # without an explicit permit step.
  def create
    Person.create(params[:person])
  end

  # This will pass with flying colors as long as there's a person key in the parameters, otherwise
  # it'll raise a ActionController::MissingParameter exception, which will get caught by 
  # ActionController::Base and turned into that 400 Bad Request reply.
  def update
    redirect_to current_account.people.find(params[:id]).tap do |person|
      person.update_attributes!(person_params)
    end
  end

  private
    # Using a private method to encapsulate the permissible parameters is just a good pattern
    # since you'll be able to reuse the same permit list between create and update. Also, you
    # can specialize this method with per-user checking of permissible attributes.
    def person_params
      params.required(:person).permit(:name, :age)
    end
end

Notice how, in the last lines, under the private keyword, the person_params method is defined, which declares the permitted fields to be assigned by the create and update methods on top. And it's the person_params that is used for updating - the valid example - instead of the raw params array.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.