#500 error with a simple Ruby on Rails and Angularjs project

130 views Asked by At

thank you al for taking the time to help me with this issue. I am new to Ruby so this may seem like a simple answer. I created an api to allow Ruby and Angularjs to talk to each other. API below:

class EntriesController < ApplicationController
respond_to :json
protect_from_forgery

def index
    respond_with Entry.all
end

def show
    respond_with Entry.find(params[:id])
end

def create
    respond_with Entry.create(params[:entry])
end

def update
    respond_with Entry.update(params[:id], params[entry])
end

def destroy
    respond_with Entry.destroy(params[:id])
end
end

My angular js controller is:

@app = angular.module("angRails",["ngResource", "ngMaterial", "ngAnimate", "ngAria"]);

@mainCTRL = ["$scope", "$resource", ($scope, $resource) ->

  Entry = $resource("/entries/:id", {id: "@id"}, {update: {method: "PUT"}})

  $scope.newName = "";

  $scope.entries = Entry.query();


  $scope.addEntry = ->

unless $scope.newName is ""
  entry = Entry.save($scope.newName)
  console.log(JSON.stringify(entry));
  $scope.entries.push(entry);
  console.log("add Entry function");
  $scope.newName = "";

]


app.controller("mainCTRL", mainCTRL);

The $scope.entries = Entry.query(); works completely fine but the create entry is not working at all. I get the error:

POST http://localhost:3000/entries 500 (Internal Server Error)

ActiveModel::ForbiddenAttributesError in EntriesController#create
ActiveModel::ForbiddenAttributesError

Extracted source (around line #14):
12
13 def create
14 respond_with Entry.create(params[:entry])
15 end

I am not sure why I get this error. i am grateful with any help I can get. Thank you!

2

There are 2 answers

0
craig.kaminsky On BEST ANSWER

It would appear from your controller that you are not allowing/accounting for strong params.

In your controller, you need a method that indicates which params are allowed for your model.

def create
  @entry = Entry.new(entry_params)
  @entry.save
  respond_with(@entry)
end 

private 
def entry_params
  params.require(:entry).permit(:attribute, :another_attribute)
end
0
frishi On

You are getting a ForbiddenAttributesError

You need to explicity specify which params are whitelisted for mass-updating: http://edgeguides.rubyonrails.org/action_controller_overview.html#strong-parameters

This is a solution to a similar problem: ActiveModel::ForbiddenAttributesError when creating new user