Forum: Ruby on Rails Strange Problem with ActionController (I think)

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Andrew G. (Guest)
on 2006-04-03 06:37
I'm working through the Agile Depot example

I have no idea what I did, but when I try and delete something from the
web page I get this error on the log.

Processing AdminController#destroy (for 127.0.0.1 at 2006-04-02
22:28:06) [GET]
  Session ID: 4371bd7ca2cb5ec5e08e60a7590df90a
  Parameters: {"action"=>"destroy", "id"=>"5", "controller"=>"admin"}
Redirected to http://localhost:3000/admin/list
Filter chain halted as
[#<Proc:0x013862e0@/usr/local/lib/ruby/gems/1.8/gems/actionpack-1.12.0/lib/action_controller/verification.rb:64>]
returned false
Completed in 0.00135 (739 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://localhost/admin/destroy/5]

If i go in using the console, I can perform product = Product.find(1);
product.destroy; but using the browser, I can't delete anything

I also tried using breakpoint in the destroy method in the
ActionController, but it never seems to get triggered, in fact, I think
the method itself never gets run... so i'm a little lost..


any help would be welcome !! :)

cheers
Andrew G. (Guest)
on 2006-04-03 08:22
oops, I realised I should have put this in:

my rhtml file has this:
<%= link_to 'Destroy', { :action => 'destroy', :id => product },
	                             :confirm => "Are you sure?" %>

which results in this html on the rendered page:
<a href="/admin/destroy/5" onclick="return confirm('Are you
sure?');">Destroy</a>
Bill W. (Guest)
on 2006-04-03 08:45
(Received via mailing list)
Hi Andrew

Would you mind sharing a little code?  It might be simple.  Might not
be.
Can't tell without seeing some code.

Best regards
Bill
----- Original Message -----
From: "Andrew G." <removed_email_address@domain.invalid>
To: <removed_email_address@domain.invalid>
Sent: 2006-04-02 9:37 PM
Subject: [Rails] Strange Problem with ActionController (I think)


> Filter chain halted as
>
[#<Proc:0x013862e0@/usr/local/lib/ruby/gems/1.8/gems/actionpack-1.12.0/lib/a
ction_controller/verification.rb:64>]
Alan F. (Guest)
on 2006-04-03 18:17
Andrew G. wrote:
> oops, I realised I should have put this in:
>
> my rhtml file has this:
> <%= link_to 'Destroy', { :action => 'destroy', :id => product },
> 	                             :confirm => "Are you sure?" %>
>
> which results in this html on the rendered page:
> <a href="/admin/destroy/5" onclick="return confirm('Are you
> sure?');">Destroy</a>

The block in question is this:

 before_filter(filter_opts) do |c|
          c.send :verify_action, options
        end

This is guesswork, with no 1.1 app or AWDR book, but ISTR that Rails1.1
puts a before_filter in the scaffold to ensure destroy is called with a
:post type.  'link_to' will generate a :get, which now won't work.

Look through *your* controller for a before_filter which has something
to do with :method => :post and :only => {:destroy....}.  Remove this
line and (if I'm right) you should be cooking.

A.
Alan F. (Guest)
on 2006-04-04 19:24
Hi Andrew,

How did you get on ?

Alan

Alan F. wrote:
> Andrew G. wrote:
>> oops, I realised I should have put this in:
>>
>> my rhtml file has this:
>> <%= link_to 'Destroy', { :action => 'destroy', :id => product },
>> 	                             :confirm => "Are you sure?" %>
>>
>> which results in this html on the rendered page:
>> <a href="/admin/destroy/5" onclick="return confirm('Are you
>> sure?');">Destroy</a>
>
> The block in question is this:
>
>  before_filter(filter_opts) do |c|
>           c.send :verify_action, options
>         end
>
> This is guesswork, with no 1.1 app or AWDR book, but ISTR that Rails1.1
> puts a before_filter in the scaffold to ensure destroy is called with a
> :post type.  'link_to' will generate a :get, which now won't work.
>
> Look through *your* controller for a before_filter which has something
> to do with :method => :post and :only => {:destroy....}.  Remove this
> line and (if I'm right) you should be cooking.
>
> A.
Martin K (Guest)
on 2006-04-07 13:40
Hi,
 Had the same problem and removed this line of code that the scaffold
autogenerated:

# GETs should be safe (see
http://www.w3.org/2001/tag/doc/whenToUseGet.html)
  verify :method => :post, :only => [ :destroy, :create, :update ],
         :redirect_to => { :action => :list }

It's fixed the problem for now, I'll have to manually check all my
controllers that are linked to a db table though.

Thanks Alan, saved me a lot of time.




Alan F. wrote:
> Hi Andrew,
>
> How did you get on ?
>
> Alan
>
> Alan F. wrote:
>> Andrew G. wrote:
>>> oops, I realised I should have put this in:
>>>
>>> my rhtml file has this:
>>> <%= link_to 'Destroy', { :action => 'destroy', :id => product },
>>> 	                             :confirm => "Are you sure?" %>
>>>
>>> which results in this html on the rendered page:
>>> <a href="/admin/destroy/5" onclick="return confirm('Are you
>>> sure?');">Destroy</a>
>>
>> The block in question is this:
>>
>>  before_filter(filter_opts) do |c|
>>           c.send :verify_action, options
>>         end
>>
>> This is guesswork, with no 1.1 app or AWDR book, but ISTR that Rails1.1
>> puts a before_filter in the scaffold to ensure destroy is called with a
>> :post type.  'link_to' will generate a :get, which now won't work.
>>
>> Look through *your* controller for a before_filter which has something
>> to do with :method => :post and :only => {:destroy....}.  Remove this
>> line and (if I'm right) you should be cooking.
>>
>> A.
This topic is locked and can not be replied to.