Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Ruby on Rails: found unpermitted parameters: _method, authenticity_token

I used this guide as a starting point for creating a messaging system from scratch.

Everything worked fine. But for some reason, whenever I now try to create a new conversation by clicking in my view the following link

<%= link_to 'Message me', conversations_path(sender_id: current_user.id, recipient_id: @user.id), class: 'btn btn-primary', method: :post %>

I encounter the error:

found unpermitted parameters: _method, authenticity_token

Here are the params:

{"_method"=>"post", "authenticity_token"=>"BL2XeA6BSjYliU2/rbdZiSnOj1N5/VMRhRIgN8LEXYPyWfxyiBM1SjYPofq7qO4+aqMhgojvnYyDyeLTcerrSQ==", "recipient_id"=>"1", "sender_id"=>"30", "controller"=>"conversations", "action"=>"create"}

I am directed to the params.permit line in my controller:

class ConversationsController < ApplicationController
  before_action :authenticate_user!

  # GET /conversations
  # GET /conversations.json
  def index
    @users = User.all

    # Restrict to conversations with at least one message and sort by last updated
    @conversations = Conversation.joins(:messages).uniq.order('updated_at DESC')
  end

  # POST /conversations
  # POST /conversations.json
  def create
    if Conversation.between(params[:sender_id], params[:recipient_id]).present?
      @conversation = Conversation.between(params[:sender_id], params[:recipient_id]).first
    else
      @conversation = Conversation.create!(conversation_params)
    end

    redirect_to conversation_messages_path(@conversation)
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def conversation_params
      params.permit(:sender_id, :recipient_id)
    end
end

Strangely, I did not have this issue before, and I have not made any changes. What might the issue be?

like image 616
anti-destin Avatar asked Nov 09 '22 03:11

anti-destin


1 Answers

Your params should probably be defined like this:

def conversation_params
  params.require(:conversation).permit(:sender_id, :recipient_id)
end

This should make sure that the other hidden parameters that are generated by the form automatically are not being blocked.

like image 134
IngoAlbers Avatar answered Nov 14 '22 21:11

IngoAlbers