Rails 4 Unpermitted Parameters for Array

Question

I have an array field in my model and I'm attempting to update it.

My strong parameter method is below

def post_params
  params["post"]["categories"] = params["post"]["categories"].split(",")

  params.require(:post).permit(:name, :email, :categories)
end

My action in my controller is as follows

def update
  post = Post.find(params[:id]

  if post and post.update_attributes(post_params)
    redirect_to root_url
  else
    redirect_to posts_url
  end
end

However, whenever I submit the update the post, in my development log I see

Unpermitted parameters: categories

The parameters passed through is

  Parameters: {"utf8"=>"✓", "authenticity_token"=>"auth token", "id"=>"10", 

"post"=>{"name"=>"Toni Mitchell", "email"=>"[email protected]", "categories"=>",2"}}

I want to think it has something to do with the fact that the attribute categories is an array since everything else looks fine. Then again, I could be wrong. So, what's wrong with my code and why is not letting me save the categories field when clearly it is permitted to do so? Thanks.

Answer 1

Try this

params.require(:post).permit(:name, :email, :categories => [])

(Disregard my comment, I don't think that matters)

Answer 2

in rails 4, that would be,

params.require(:post).permit(:name, :email, {:categories => []})

Answer 3

The permitted scalar types are String, Symbol, NilClass, Numeric, TrueClass, FalseClass, Date, Time, DateTime, StringIO, IO, ActionDispatch::Http::UploadedFile and Rack::Test::UploadedFile.

To declare that the value in params must be an array of permitted scalar values map the key to an empty array:

params.permit(:id => [])

This is what the strong parameters documentation on Github says:

params.require(:post).permit(:name, :email, :categories => [])

I hope this works out for you.

Answer 4

I had the same problem, but simply adding array to permit was not enough. I had to add type, too. This way:

params.require(:transaction).permit(:name, :tag_ids => [:id])

I am not sure if this is perfect solution, but after that, the 'Unpermitted parameters' log disappeared.

I found hint for that solution from this excellent post: http://patshaughnessy.net/2014/6/16/a-rule-of-thumb-for-strong-parameters

Answer 5

If there are multiple items and item_array inside parameters like this-

Parameters {"item_1"=>"value 1", "item_2"=> {"key_1"=> "value A1", 
"key_2"=>["val B2", "val C3"]} }

There we have array inside item_2.
That can be permit as below-

params.permit(item_2: [:key_1, :key_2 => [] ])

Above saved my day, may be helpful for you too.