Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Nested Object w/ Checkboxes - mass-assignment even with accepts_nested_attributes_for?

Tags:

ruby-on-rails

activerecord

associations

actionview

I thought that there should have been a simple solution to this, given that Rails 2.3 has this newfangled nested forms feature. Basically I want to create or update a user and assign them roles at the same time.

It seems like I'm doing everything right but I get the error WARNING: Can't mass-assign these protected attributes: roles_attrributes.

I even tried changing the view to user[permissions_attrributes][role_id] because I thought that maybe the join table was confusing Rails.

Anyways, any suggestions on how this should actually work?

Model

class User < ActiveRecord::Base

  has_many :permissions
  has_many :roles, :through => :permissions

  accepts_nested_attributes_for :roles
  accepts_nested_attributes_for :permissions
end

Excerpt from view (notice I tried and failed to get fields_for to generate what I want here, maybe that's my problem?) 

<% for role in Role.all %>
 <%= check_box_tag( "user[roles_attrributes][id]",role.id) %>
 <%= role.rolename %>
 <br/>
<% end %>

Params coming across seem to be right:

    {"user"=>{"password_confirmation"=>"[FILTERED]", 
"roles_attrributes"=>{"id"=>"2"}, ...

Solution A combination of me misspelling, not using attr_accessible, needing to access permissions_attributes, and the form being slightly off.

Model:

has_many :permissions, :dependent => :destroy
has_many :roles, :through => :permissions
accepts_nested_attributes_for :permissions
attr_accessible :permissions_attributes

View:

    <%  Role.all(:order => "rolename ASC").each_with_index do |role,idx| %>
    <%= check_box_tag( "user[permissions_attributes][#{idx}][role_id]",role.id) %>
    <%= role.rolename %>
    <br/>
    <% end %>
like image 278
Bill Avatar asked Apr 07 '09 19:04

Bill

2 Answers

If you correct the spelling of attributes in your check_box_tag, it looks like it should work.

<% for role in Role.all %>
 <%= check_box_tag( "user[roles_attributes][id]",role.id) %>
 <%= role.rolename %>
 <br/>
<% end %>
like image 153
Sarah Mei Avatar answered Nov 18 '22 08:11

Sarah Mei

it sounds like this attribute isn't marked as safe for updating. You should be able to fix it by adding the following to your model class:

attr_accessible :roles

or possibly:

attr_accessible :roles_attributes

If you look, you may already have an attr_accessible call you can add this to. For more information this is documented here:

http://api.rubyonrails.org/classes/ActiveRecord/Base.html#M002226

like image 3
Adam Alexander Avatar answered Nov 18 '22 08:11

Adam Alexander
Sign in to Comment

Related questions

Rails 5 test global setup and teardown
Use an iframe of a localhost app
Trouble with new rails app
rails active record has_many foreign key after custom function
Bonsai: Use create_index! or the :force option to create it
Advantages of using OAuth Password Credentials Grant over Token Access Authentication
Heroku CI with rails fixtures
Capybara error: Selenium::WebDriver::Error::ElementNotVisibleError: element not visible
Query jsonb array for integer member
Image Upload with React Native, Expo ImagePicker, Rails, Axios and Paperclip
Devise password encryption
missing required option :name
ActiveStorage : Why not using service_url instead of blob/variant/preview url (302 redirect)?
Errno::ENOENT: No such file or directory @ rb_file_s_mtime after feature tests
How to test ActionText using RSpec?
Chrome scrolling to the top of the page after a remote form request
ActiveStorage - get image dimensions after upload
How to calculate specific rating count hash in ruby on rails?
Rails 6.1 command webpack not found when precompiling assets in capistrano
Rails Active Record Instance Variables

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!