phatworx / devise_security_extension

An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.
MIT License
747 stars 346 forks source link

Gem Load Error is: uninitialized constant ActiveModel::ForbiddenAttributesProtection #210

Open marcosserpa opened 7 years ago

marcosserpa commented 7 years ago

Guys, I'm trying to upgrade an application from Rails 3.2.22 to 4.0.13 and I'm getting Gem Load Error is: uninitialized constant ActiveModel::ForbiddenAttributesProtection when trying to load devise_security_extension gem (0.10.0). The gem was suppose to be ready for Rails 4.0.x. That error was not suppose to be happening.

The error trace:

/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:94:in `rescue in block (2 levels) in require': There was an error while trying to load the gem 'devise_security_extension'. (Bundler::GemRequireError)
Gem Load Error is: uninitialized constant ActiveModel::ForbiddenAttributesProtection
Backtrace for gem load error is:
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/activerecord-4.0.0/lib/active_record/attribute_assignment.rb:6:in `<module:AttributeAssignment>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/activerecord-4.0.0/lib/active_record/attribute_assignment.rb:3:in `<module:ActiveRecord>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/activerecord-4.0.0/lib/active_record/attribute_assignment.rb:2:in `<top (required)>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/activerecord-4.0.0/lib/active_record/base.rb:300:in `<class:Base>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/activerecord-4.0.0/lib/active_record/base.rb:281:in `<module:ActiveRecord>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/activerecord-4.0.0/lib/active_record/base.rb:22:in `<top (required)>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/devise_security_extension-0.10.0/lib/devise_security_extension/models/old_password.rb:2:in `<top (required)>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/devise_security_extension-0.10.0/lib/devise_security_extension.rb:104:in `<top (required)>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:91:in `require'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:91:in `block (2 levels) in require'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:86:in `each'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:86:in `block in require'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:75:in `each'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler/runtime.rb:75:in `require'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/bundler-1.14.3/lib/bundler.rb:107:in `require'
/Users/marcosserpa/workspace/work/ironin/vmm/config/application.rb:13:in `<top (required)>'
/Users/marcosserpa/.rbenv/versions/2.1.8/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Users/marcosserpa/.rbenv/versions/2.1.8/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Users/marcosserpa/workspace/work/ironin/vmm/config/environment.rb:2:in `<top (required)>'
/Users/marcosserpa/.rbenv/versions/2.1.8/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Users/marcosserpa/.rbenv/versions/2.1.8/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Users/marcosserpa/workspace/work/ironin/vmm/spec/spec_helper.rb:6:in `<top (required)>'
/Users/marcosserpa/.rbenv/versions/2.1.8/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Users/marcosserpa/.rbenv/versions/2.1.8/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Users/marcosserpa/workspace/work/ironin/vmm/spec/classes/notification/adapters/push_spec.rb:1:in `<top (required)>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/configuration.rb:1435:in `load'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/configuration.rb:1435:in `block in load_spec_files'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/configuration.rb:1433:in `each'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/configuration.rb:1433:in `load_spec_files'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/runner.rb:100:in `setup'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/runner.rb:86:in `run'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/invocations.rb:23:in `call'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/runner.rb:69:in `run'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/lib/rspec/core/runner.rb:45:in `invoke'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/gems/rspec-core-3.5.4/exe/rspec:4:in `<top (required)>'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/bin/rspec:23:in `load'
/Users/marcosserpa/workspace/work/ironin/vmm/.gems/bin/rspec:23:in `<main>'

My Gemfile:

source 'http://rubygems.org'

ruby '2.1.8'

gem 'rails', '4.0.0'
gem 'rake'

gem 'activeresource'
gem 'rails-observers'

gem 'bootstrap-wysihtml5-rails'
gem 'jquery-rails', '= 2.2.1'
gem 'jquery-hotkeys-rails'
gem 'jquery-mousewheel-rails'
gem 'jquery-ui-rails', '= 4.0.1'
gem 'jscrollpane-rails'
gem 'requirejs-rails'
gem 'turbolinks'

gem 'acts_as_list', '0.7.4'
gem 'paranoia'
gem 'acts_as_tree', '2.2.0'

source 'https://rails-assets.org' do
  BOOTSTRAP_VERSION = '= 3.3.4'
  ANGULAR_VERSION   = '= 1.3.15'
  gem 'rails-assets-bootstrap-sass', BOOTSTRAP_VERSION
  gem 'rails-assets-angular', ANGULAR_VERSION
  gem 'rails-assets-angular-animate', ANGULAR_VERSION
  gem 'rails-assets-angular-gantt', '= 1.2.5'
  gem 'rails-assets-angular-filereader'
  gem 'rails-assets-angular-google-maps', '= 2.0.17'
  gem 'rails-assets-angular-resource', ANGULAR_VERSION
  gem 'rails-assets-angular-sanitize', ANGULAR_VERSION
  gem 'rails-assets-angular-ui-select', '= 0.11.2'
  gem 'rails-assets-angular-wysiwyg', '= 1.2.2'
  gem 'rails-assets-jquery', '= 2.1.3'
  gem 'rails-assets-jquery-debounce'
  gem 'rails-assets-ng-file-upload', '= 3.3.4'
  gem 'rails-assets-restangular'
end

gem 'simple_form_angular'

gem 'devise', '3.3.0'
gem 'devise_security_extension', '0.10.0'

gem 'pg'
gem 'slugged', '2.0.0'

gem 'active_model_serializers', '0.9.3'
gem 'activerecord-postgres-hstore' # Remove after removing DataActivity OR after update to Rails 4 - read the
gem 'foreigner', '1.7.3' # will not be needed in Rails 4.2 and up
gem 'geocoder', '1.4.3' # needs some changes when in rails 4.1 and up. look at gem page at github

gem 'haml', '4.0.7' # why using haml AND haml-rails at the same time? Try to remove with rails 4.2
gem 'less-rails'
gem 'sass-rails', '5.0.0' # needs to be changed to 5.0.0 when in rails 4.0 and up
gem 'rabl', '0.13.1'

gem 'autoprefixer-rails'

gem 'figaro', '>= 0.5.3' # Are we using figaro? I did not see any application.yml
gem 'rails-settings-cached', '0.3.2' # needs to be changed to 0.3.2 when in rails 4.0, to 0.3.2 when in rails

gem 'activerecord_any_of', '1.4' # could we replace the places that uses the methods to not use this gem?
gem 'axlsx', github: 'randym/axlsx'
gem 'carrierwave_backgrounder'
gem 'carrierwave_direct'
gem 'chronic', '0.10.2' # too old. could we replace this by some other thing?
gem 'doc_raptor' # deprecated. is this used somewhere? if yes change to https://github.com/DocRaptor/docraptor-ruby
gem 'draper', require: false # change to 2.1.0 when in rails 4.2
gem 'font_assets', github: 'grzlus/font_assets' # remove. not needed
gem 'interactor'
gem 'mimemagic' # do we really need this? Just one place uses this

gem 'mini_magick', git: 'git://github.com/minimagick/minimagick.git', ref: '6d0f8f953112cce6324a524d76c7e126ee14f392' # study remove rmagick and let only this in the last version
gem 'rmagick'

gem 'multi_fetch_fragments'
gem 'naught', '1.1.0'
gem 'redis-session-store', '0.9.1'
gem 'roar-rails', '1.0.2'
gem 'roo', '2.7.1'
gem 'roo-xls'
gem 'routing_concerns' # try to remove in rails 4.2
gem 'rubyXL', '3.3.22', require: false
gem 'virtus'
gem 'wicked_pdf', '1.1.0'
gem 'audited', '4.0.0'

gem 'activerecord-postgres-array', '0.0.9' # Not need in Rails4
gem 'fog', '~> 1.3.1' # try to update to 1.38.0
gem 'navigasmic', '1.1.0'
gem 'kaminari', '0.17.0' # needs to be changed to 1.0.1 when in rails 4.1 and up
gem 'kaminari-bootstrap'
gem 'savon', github: 'savonrb/savon'
gem 'rails_serve_static_assets', '0.0.5'
gem 'ruby-progressbar', require: false

gem 'tire'

gem 'ransack'

gem 'heroku-api'

gem 'passenger', '>= 5.1.2'

gem 'therubyracer'

gem 'httpclient'

gem 'sidekiq', '4.2.9'
gem 'sidetiq', github: 'grzlus/sidetiq'
gem 'sidekiq-middleware'
gem 'sinatra'
gem 'redis'

gem 'coffee-rails', '~> 4.0.0'
gem 'uglifier', '>= 1.3.0'

group :beta, :production, :staging, :testing do
  gem 'newrelic_rpm'
end

group :test, :development do
  gem 'pry-byebug'
  gem 'capybara', '~> 2.12.0'
  gem 'dotenv-rails', '2.2.0'
  gem 'fabrication', '~> 2.16.0'
  gem 'guard-rspec', '4.6.4'
  gem 'json_expressions'
  gem 'rb-fsevent', '~> 0.9.8'
  gem 'rspec-rails', '~> 3.5.2'
  gem 'spring', '1.7.2' # will not be needed in Rails 4.1 and up
  gem 'spring-commands-rspec'
end

group :test do
  gem 'database_cleaner', '>= 0.9.1'
  gem 'email_spec', '>= 1.4.0'
  gem 'launchy', '2.4.3'
  gem 'rspec-sidekiq'
  gem 'shoulda'
  gem 'timecop', '0.8.0'
  gem 'vcr'
  gem 'webmock', '1.24.6'
  gem 'rspec-collection_matchers'
end

group :development do
  gem 'better_errors', '2.1.1'
  gem 'binding_of_caller', '>= 0.6.8'
  gem 'bullet', '4.14.0' # needs to be changed to 5.5.0 when in rails 4.0 and up
  gem 'coffee-rails-source-maps' # will not be needed in Rails 4.X and up that includes coffescript >= 1.6.1
  gem 'foreman', '0.83.0'
  gem 'meta_request'
  gem 'pry-remote'
  gem 'quiet_assets', '>= 1.0.1' # maybe not needed anymore in rails 4.0 and up
  gem 'ruby_parser', '>= 3.1.1'
  gem 'yard' # is someone using this for something?
end

gem 'whenever', require: false
gem 'classy_hash'

Rails is already in 4.0.0. Ruby, 2.1.8.

Thanks! <3