search

ryanb / cancan

Authorization Gem for Ruby on Rails.
MIT License
6.28k stars 785 forks source link

ActiveModel::ForbiddenAttributesError using Rails 4 #894

Open kashiftufail opened 11 years ago

kashiftufail commented 11 years ago

Hi,

I am using Rails 4 and don't find any branch especially for Rails 4.

My ability.rb code.

 def initialize(user)
      # Define abilities for the passed in user here. For example:
      #
      user ||= User.new # guest user (not logged in)
     if user.role.name == "super_admin"
       can :manage, :all
     elsif user.role.name == "job_admin"
         can :manage, Job , :job => { :id => user.job_ids }
         can :manage, JobUser
     else
          can :read, Job
          can :new, JobUser
           can :create, JobUser
    end
 end

My JobUser controller code.

 class JobUsersController < ApplicationController
      #before_action :set_job, only: [:show]
       layout "application"
       load_and_authorize_resource

     def create
      #custom code
      binding.pry
    end

 end

Before implement CanCan it was working fine. But after post "JobUser" form control not come in "create" method.

Below is trace

activemodel (4.0.0) lib/active_model/forbidden_attributes_protection.rb:21:in sanitize_for_mass_assignment' activerecord (4.0.0) lib/active_record/attribute_assignment.rb:21:inassign_attributes' activerecord (4.0.0) lib/active_record/core.rb:192:in initialize' activerecord (4.0.0) lib/active_record/inheritance.rb:27:innew' activerecord (4.0.0) lib/active_record/inheritance.rb:27:in new' cancan (1.6.10) lib/cancan/controller_resource.rb:85:inbuild_resource' cancan (1.6.10) lib/cancan/controller_resource.rb:66:in load_resource_instance' cancan (1.6.10) lib/cancan/controller_resource.rb:32:inload_resource' cancan (1.6.10) lib/cancan/controller_resource.rb:25:in load_and_authorize_resource' cancan (1.6.10) lib/cancan/controller_resource.rb:10:inblock in add_before_filter' activesupport (4.0.0) lib/active_support/callbacks.rb:387:in _run__2184254992644949417__process_action__callbacks' activesupport (4.0.0) lib/active_support/callbacks.rb:80:inrun_callbacks' actionpack (4.0.0) lib/abstract_controller/callbacks.rb:17:in process_action' actionpack (4.0.0) lib/action_controller/metal/rescue.rb:29:inprocess_action' actionpack (4.0.0) lib/action_controller/metal/instrumentation.rb:31:in block in process_action' activesupport (4.0.0) lib/active_support/notifications.rb:159:inblock in instrument' activesupport (4.0.0) lib/active_support/notifications/instrumenter.rb:20:in instrument' activesupport (4.0.0) lib/active_support/notifications.rb:159:ininstrument' actionpack (4.0.0) lib/action_controller/metal/instrumentation.rb:30:in process_action' actionpack (4.0.0) lib/action_controller/metal/params_wrapper.rb:245:inprocess_action' activerecord (4.0.0) lib/active_record/railties/controller_runtime.rb:18:in process_action' actionpack (4.0.0) lib/abstract_controller/base.rb:136:inprocess' actionpack (4.0.0) lib/abstract_controller/rendering.rb:44:in process' actionpack (4.0.0) lib/action_controller/metal.rb:195:indispatch' actionpack (4.0.0) lib/action_controller/metal/rack_delegation.rb:13:in dispatch' actionpack (4.0.0) lib/action_controller/metal.rb:231:inblock in action' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:80:in call' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:80:indispatch' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:48:in call' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:71:inblock in call' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:in each' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:incall' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:655:in call' rack-pjax (0.7.0) lib/rack/pjax.rb:12:incall' warden (1.2.1) lib/warden/manager.rb:35:in block in call' warden (1.2.1) lib/warden/manager.rb:34:incatch' warden (1.2.1) lib/warden/manager.rb:34:in call' rack (1.5.2) lib/rack/etag.rb:23:incall' rack (1.5.2) lib/rack/conditionalget.rb:35:in call' rack (1.5.2) lib/rack/head.rb:11:incall' remotipart (1.0.5) lib/remotipart/middleware.rb:30:in call' actionpack (4.0.0) lib/action_dispatch/middleware/params_parser.rb:27:incall' actionpack (4.0.0) lib/action_dispatch/middleware/flash.rb:241:in call' rack (1.5.2) lib/rack/session/abstract/id.rb:225:incontext' rack (1.5.2) lib/rack/session/abstract/id.rb:220:in call' actionpack (4.0.0) lib/action_dispatch/middleware/cookies.rb:486:incall' activerecord (4.0.0) lib/active_record/query_cache.rb:36:in call' activerecord (4.0.0) lib/active_record/connection_adapters/abstract/connection_pool.rb:626:incall' activerecord (4.0.0) lib/active_record/migration.rb:369:in call' actionpack (4.0.0) lib/action_dispatch/middleware/callbacks.rb:29:inblock in call' activesupport (4.0.0) lib/active_support/callbacks.rb:373:in _run__338247035968918040__call__callbacks' activesupport (4.0.0) lib/active_support/callbacks.rb:80:inrun_callbacks' actionpack (4.0.0) lib/action_dispatch/middleware/callbacks.rb:27:in call' actionpack (4.0.0) lib/action_dispatch/middleware/reloader.rb:64:incall' actionpack (4.0.0) lib/action_dispatch/middleware/remote_ip.rb:76:in call' actionpack (4.0.0) lib/action_dispatch/middleware/debug_exceptions.rb:17:incall' actionpack (4.0.0) lib/action_dispatch/middleware/show_exceptions.rb:30:in call' railties (4.0.0) lib/rails/rack/logger.rb:38:incall_app' railties (4.0.0) lib/rails/rack/logger.rb:21:in block in call' activesupport (4.0.0) lib/active_support/tagged_logging.rb:67:inblock in tagged' activesupport (4.0.0) lib/active_support/tagged_logging.rb:25:in tagged' activesupport (4.0.0) lib/active_support/tagged_logging.rb:67:intagged' railties (4.0.0) lib/rails/rack/logger.rb:21:in call' actionpack (4.0.0) lib/action_dispatch/middleware/request_id.rb:21:incall' rack (1.5.2) lib/rack/methodoverride.rb:21:in call' rack (1.5.2) lib/rack/runtime.rb:17:incall' activesupport (4.0.0) lib/active_support/cache/strategy/local_cache.rb:83:in call' rack (1.5.2) lib/rack/lock.rb:17:incall' actionpack (4.0.0) lib/action_dispatch/middleware/static.rb:64:in call' railties (4.0.0) lib/rails/engine.rb:511:incall' railties (4.0.0) lib/rails/application.rb:97:in call' rack (1.5.2) lib/rack/lock.rb:17:incall' rack (1.5.2) lib/rack/content_length.rb:14:in call' rack (1.5.2) lib/rack/handler/webrick.rb:60:inservice' /home/kashif/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/webrick/httpserver.rb:138:in service' /home/kashif/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/webrick/httpserver.rb:94:inrun' /home/kashif/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread' Request

Parameters:

{"utf8"=>"✓", "authenticity_token"=>"2gLYn92JkJ7r7YEwk1zWApeNQ5Kb4+D1T4paaMivm0w=", "job_user"=>{"cover_letter"=>""}, "_wysihtml5_mode"=>"1", "commit"=>"Apply", "job_id"=>"IvSkJMl9JB1mWGL57MNHnA55FLhF3W"}

Any help please?

Thanks

FoboCasteR commented 11 years ago

https://github.com/ryanb/cancan/issues/835

suxu commented 10 years ago

The same problem Rails 4.0

xhoy commented 10 years ago

Thanks for your submission! The ryanb/cancan repository has been inactive since Sep 06, 2013. Since only Ryan himself has commit permissions, the CanCan project is on a standstill.

CanCan has many open issues, including missing support for Rails 4. To keep CanCan alive, an active fork exists at cancancommunity/cancancan. The new gem is cancancan. More info is available at #994.

If your pull request or issue is still applicable, it would be really appreciated if you resubmit it to CanCanCan.

We hope to see you on the other side!