Rails 4 and HABTM Checkboxes: Unpermitted parameters error

Sadaf_N · October 23, 2013, 11:21pm

I have a simple Rails 4 project with two scaffolded models: Practice and
Practitioner. I have set these both as habtm and am in the process of
adding checkboxes to the Practitioner form so that I can check off the
practices that this practitioner belongs to. In the
practitioners_controller, I added practice_ids to the
practitioner_params permit list, but I am still getting the error:

Started PATCH “/practitioners/1” for 127.0.0.1 at 2013-10-23 16:35:34
-0400
Processing by PractitionersController#update as HTML
Parameters: {“utf8”=>“✓”,
“authenticity_token”=>“u9XWBVshMKmLg+YhVFWu10PTQu+uvAbbvBck4QQG6wk=”,
“practitioner”=>{“first_name”=>“Christine”, “last_name”=>“Campbell”,
“degree”=>“CRNP”, “accepting_new_patients”=>“1”,
“specialty”=>“Obstetrics & Gynecology”, “secondary_specialty”=>"",
“c_v”=>“Undergraduate Education: 1988\r\nGraduate School Education:
1995\r\nAffiliations: Pottstown Memorial Hospital”,
“practice_ids”=>[nil, “1”]}, “commit”=>“Update Practitioner”, “id”=>“1”}
Practitioner Load (0.2ms) SELECT “practitioners”.* FROM
“practitioners” WHERE “practitioners”.“id” = ? ORDER BY
“practitioners”.last_name ASC, “practitioners”.first_name ASC LIMIT 1
[[“id”, “1”]]
Unpermitted parameters: practice_ids

when I try to update. If I comment out the practitioner_params method,
like this:

def practitioner_params
  params.require(:practitioner).permit!#(:first_name, :last_name,

:degree, :accepting_new_patients, :specialty, :secondary_specialty,
:c_v, :practice_ids)
end

then the form works correctly (so it’s not an HTML issue or anything
basic like that) – I am able to set and unset the practice ids.

Can anyone suggest how I can keep the strong_parameters from Rails 4 but
use habtm like this?

Thanks,

Walter

walterdavis · October 24, 2013, 1:19am

Documenting this for posterity…

On Oct 23, 2013, at 5:20 PM, Walter Lee D. wrote:

def practitioner_params
params.require(:practitioner).permit!#(:first_name, :last_name, :degree,
:accepting_new_patients, :specialty, :secondary_specialty, :c_v, :practice_ids)
end

then the form works correctly (so it’s not an HTML issue or anything basic like
that) – I am able to set and unset the practice ids.

Can anyone suggest how I can keep the strong_parameters from Rails 4 but use
habtm like this?

When declaring an array-shaped value in the strong parameters method,
you must hint at its format, like this

:practice_ids => []

Once that’s done, the whole thing Just Works™.

Can anyone point me to a definitive guide to the new strong parameters?
I didn’t see it in the Rails Guides anywhere.

Walter

walterdavis · October 25, 2013, 7:28pm

On Oct 25, 2013, at 1:11 PM, tamouse mailing lists wrote:

On Wed, Oct 23, 2013 at 6:18 PM, Walter Lee D. [email protected] wrote:

Can anyone point me to a definitive guide to the new strong parameters? I
didn’t see it in the Rails Guides anywhere.

Hard to say about “definitive”, but this is my go-to:

http://edgeguides.rubyonrails.org/action_controller_overview.html#strong-parameters

I haven’t delved into any of the updated texts for Rails 4 yet except
the Rails 4 In Action pre-publication version, and that still needs to
be updated for strong parameters. Soon, I hope.

Thanks so much!

Walter

walterdavis · October 25, 2013, 7:12pm

On Wed, Oct 23, 2013 at 6:18 PM, Walter Lee D. [email protected]
wrote:

Can anyone point me to a definitive guide to the new strong parameters? I didn’t
see it in the Rails Guides anywhere.

Hard to say about “definitive”, but this is my go-to:

http://edgeguides.rubyonrails.org/action_controller_overview.html#strong-parameters

I haven’t delved into any of the updated texts for Rails 4 yet except
the Rails 4 In Action pre-publication version, and that still needs to
be updated for strong parameters. Soon, I hope.