search

spree-contrib / spree_drop_ship

Spree Drop Shipping Extension
BSD 3-Clause "New" or "Revised" License
104 stars 120 forks source link

New Supplier ActiveModel::ForbiddenAttributesError #37

Closed mhelfer closed 10 years ago

mhelfer commented 10 years ago

I am running the drop ship gem (master branch) with Spree 2-1-stable. When I enable supplier signup, and then actually try to sign up to be a supplier I get the below error related to strong parameter assignment:

Path: /suppliers/new

Error: ActiveModel::ForbiddenAttributesError

Trace: activemodel (4.0.0) lib/active_model/forbidden_attributes_protection.rb:21:in sanitize_for_mass_assignment' activerecord (4.0.0) lib/active_record/attribute_assignment.rb:21:inassign_attributes' activerecord (4.0.0) lib/active_record/core.rb:192:in initialize' activerecord (4.0.0) lib/active_record/inheritance.rb:27:innew' activerecord (4.0.0) lib/active_record/inheritance.rb:27:in new' /Users/michaelhelfer/.rbenv/versions/2.0.0-p247/lib/ruby/gems/2.0.0/bundler/gems/spree_drop_ship-09349f9e3e09/app/controllers/spree/suppliers_controller.rb:22:increate' actionpack (4.0.0) lib/action_controller/metal/implicit_render.rb:4:in send_action' actionpack (4.0.0) lib/abstract_controller/base.rb:189:inprocess_action' actionpack (4.0.0) lib/action_controller/metal/rendering.rb:10:in process_action' actionpack (4.0.0) lib/abstract_controller/callbacks.rb:18:inblock in process_action' activesupport (4.0.0) lib/active_support/callbacks.rb:463:in _run__2315432672199375350__process_action__callbacks' activesupport (4.0.0) lib/active_support/callbacks.rb:80:inrun_callbacks' actionpack (4.0.0) lib/abstract_controller/callbacks.rb:17:in process_action' actionpack (4.0.0) lib/action_controller/metal/rescue.rb:29:inprocess_action' actionpack (4.0.0) lib/action_controller/metal/instrumentation.rb:31:in block in process_action' activesupport (4.0.0) lib/active_support/notifications.rb:159:inblock in instrument' activesupport (4.0.0) lib/active_support/notifications/instrumenter.rb:20:in instrument' activesupport (4.0.0) lib/active_support/notifications.rb:159:ininstrument' actionpack (4.0.0) lib/action_controller/metal/instrumentation.rb:30:in process_action' actionpack (4.0.0) lib/action_controller/metal/params_wrapper.rb:245:inprocess_action' activerecord (4.0.0) lib/active_record/railties/controller_runtime.rb:18:in process_action' actionpack (4.0.0) lib/abstract_controller/base.rb:136:inprocess' actionpack (4.0.0) lib/abstract_controller/rendering.rb:44:in process' actionpack (4.0.0) lib/action_controller/metal.rb:195:indispatch' actionpack (4.0.0) lib/action_controller/metal/rack_delegation.rb:13:in dispatch' actionpack (4.0.0) lib/action_controller/metal.rb:231:inblock in action' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:80:in call' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:80:indispatch' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:48:in call' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:71:inblock in call' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:in each' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:incall' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:655:in call' railties (4.0.0) lib/rails/engine.rb:511:incall' railties (4.0.0) lib/rails/railtie/configurable.rb:30:in method_missing' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:71:inblock in call' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:in each' actionpack (4.0.0) lib/action_dispatch/journey/router.rb:59:incall' actionpack (4.0.0) lib/action_dispatch/routing/route_set.rb:655:in call' omniauth (1.1.4) lib/omniauth/strategy.rb:184:incall!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in call' omniauth (1.1.4) lib/omniauth/strategy.rb:184:incall!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in call' omniauth (1.1.4) lib/omniauth/strategy.rb:184:incall!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in call' omniauth (1.1.4) lib/omniauth/strategy.rb:184:incall!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in call' warden (1.2.3) lib/warden/manager.rb:35:inblock in call' warden (1.2.3) lib/warden/manager.rb:34:in catch' warden (1.2.3) lib/warden/manager.rb:34:incall' rack (1.5.2) lib/rack/etag.rb:23:in call' rack (1.5.2) lib/rack/conditionalget.rb:35:incall' rack (1.5.2) lib/rack/head.rb:11:in call' actionpack (4.0.0) lib/action_dispatch/middleware/params_parser.rb:27:incall' actionpack (4.0.0) lib/action_dispatch/middleware/flash.rb:241:in call' rack (1.5.2) lib/rack/session/abstract/id.rb:225:incontext' rack (1.5.2) lib/rack/session/abstract/id.rb:220:in call' actionpack (4.0.0) lib/action_dispatch/middleware/cookies.rb:486:incall' activerecord (4.0.0) lib/active_record/query_cache.rb:36:in call' activerecord (4.0.0) lib/active_record/connection_adapters/abstract/connection_pool.rb:626:incall' activerecord (4.0.0) lib/active_record/migration.rb:369:in call' actionpack (4.0.0) lib/action_dispatch/middleware/callbacks.rb:29:inblock in call' activesupport (4.0.0) lib/active_support/callbacks.rb:373:in _run__61129833526744053__call__callbacks' activesupport (4.0.0) lib/active_support/callbacks.rb:80:inrun_callbacks' actionpack (4.0.0) lib/action_dispatch/middleware/callbacks.rb:27:in call' actionpack (4.0.0) lib/action_dispatch/middleware/reloader.rb:64:incall' actionpack (4.0.0) lib/action_dispatch/middleware/remote_ip.rb:76:in call' actionpack (4.0.0) lib/action_dispatch/middleware/debug_exceptions.rb:17:incall' actionpack (4.0.0) lib/action_dispatch/middleware/show_exceptions.rb:30:in call' railties (4.0.0) lib/rails/rack/logger.rb:38:incall_app' railties (4.0.0) lib/rails/rack/logger.rb:21:in block in call' activesupport (4.0.0) lib/active_support/tagged_logging.rb:67:inblock in tagged' activesupport (4.0.0) lib/active_support/tagged_logging.rb:25:in tagged' activesupport (4.0.0) lib/active_support/tagged_logging.rb:67:intagged' railties (4.0.0) lib/rails/rack/logger.rb:21:in call' actionpack (4.0.0) lib/action_dispatch/middleware/request_id.rb:21:incall' rack (1.5.2) lib/rack/methodoverride.rb:21:in call' rack (1.5.2) lib/rack/runtime.rb:17:incall' activesupport (4.0.0) lib/active_support/cache/strategy/local_cache.rb:83:in call' rack (1.5.2) lib/rack/lock.rb:17:incall' actionpack (4.0.0) lib/action_dispatch/middleware/static.rb:64:in call' railties (4.0.0) lib/rails/engine.rb:511:incall' railties (4.0.0) lib/rails/application.rb:97:in call' rack (1.5.2) lib/rack/content_length.rb:14:incall' thin (1.6.1) lib/thin/connection.rb:82:in block in pre_process' thin (1.6.1) lib/thin/connection.rb:80:incatch' thin (1.6.1) lib/thin/connection.rb:80:in pre_process' thin (1.6.1) lib/thin/connection.rb:55:inprocess' thin (1.6.1) lib/thin/connection.rb:41:in receive_data' eventmachine (1.0.3) lib/eventmachine.rb:187:inrun_machine' eventmachine (1.0.3) lib/eventmachine.rb:187:in run' thin (1.6.1) lib/thin/backends/base.rb:73:instart' thin (1.6.1) lib/thin/server.rb:162:in start' rack (1.5.2) lib/rack/handler/thin.rb:16:inrun' rack (1.5.2) lib/rack/server.rb:264:in start' railties (4.0.0) lib/rails/commands/server.rb:84:instart' railties (4.0.0) lib/rails/commands.rb:78:in block in <top (required)>' railties (4.0.0) lib/rails/commands.rb:73:intap' railties (4.0.0) lib/rails/commands.rb:73:in <top (required)>' bin/rails:4:inrequire' bin/rails:4:in <top (required)>' -e:1:inload' -e:1:in `

'

Parameters:

{"utf8"=>"✓", "authenticity_token"=>"qE5zBRiiZxRix9vdxhIdIzY3amtxncfggVp9eCHQgmQ=", "supplier"=>{"name"=>"Test", "merchant_type"=>"individual"}, "commit"=>"Sign Up"}

JDutil commented 10 years ago

This extension hasn't been fully updated for Spree 2.1.x yet. The controllers need to have the strong_params updates for rails 4 implemented still if you can work on a PR before I get to it.

mhelfer commented 10 years ago

Running the gem locally it appears to be caused by cancan. I followed the advice of this thread: https://github.com/ryanb/cancan/issues/835#issuecomment-18663815

By modifying the suppliers_controller, it solved my problem.

Feels like a little bit of a hack, and haven't confirmed if it is happening with any more of the controllers. I'll see if I can't put together a pull request.

FYI for anybody else having this problem.

JDutil commented 10 years ago

Could you at least provide a link to the comparison of your branch vs master branch that fixes the problem? would like to see what you did to resolve the error even if it can't be worked back into master branch of this ext.

mhelfer commented 10 years ago

I forked your repo and made the following changes so I could test them. Here is the commit that I used to correct both the issues 37 and 36.

https://github.com/mhelfer/spree_drop_ship/commit/45b47f0fceb095c78cb3dad2f5ef667858f23370

Mike