Develop Reference

ForbiddenAttributesError rspec create action

This one is really annoying, im probably just missing something silly. been at it for 2h now, can see whats the problem. error: ActiveModel::ForbiddenAttributesError:
order.rb
has_many :item_lines
accepts_nested_attributes_for :item_lines
order_controller.rb
def create
if params[:v1_order][:item_lines_attributes].present?
puts "attributes: "
puts params[:v1_order][:item_lines_attributes] # {"quantity"=>"1", "net_price"=>"9.99"}
#v1_order = V1::Order.new(v1_order_params)
#v1_order.item_lines.build(params[:v1_order][:item_lines_attributes])
else
#v1_order = V1::Order.new(v1_order_params)
end
end
def v1_order_params
params.require(:v1_order).permit(:state, :vat, :order_date, :user_id,
:item_lines_attributes => [:quantity, :net_price])
end
order_controller_spec.rb
expect {
post :create,
:v1_order => {vat: 20, user_id: 1,state: 0,
:item_lines_attributes => [quantity: 2, net_price: 3]},
token: #user.api_key.token
}.to change(V1::Order, :count).by(1)
**below should also be valid, but no go **
post :create,
v1_order: FactoryGirl.attributes_for(:v1_order,
item_lines_attributes: FactoryGirl.attributes_for(:v1_item_line)),
Factories
factory :v1_order, :class => 'V1::Order' do
state 0
vat 20
user_id 1
end
factory :v1_item_line, :class => 'V1::ItemLine' do
quantity 1
net_price "9.99"
end
keep getting this:
Failure/Error: post :create,
ActiveModel::ForbiddenAttributesError:
ActiveModel::ForbiddenAttributesError

Define def v1_order_params inside the private function.
Private
def v1_order_params
....
end
End

In your controller you can try to change:
#v1_order.item_lines.build(params[:v1_order][:item_lines_attributes])
To:
#v1_order.item_lines.build(v1_item_lines_params)

Agile web development with rails ProductsControllerTest , meaning of :product symbol

I am new to ruby on rails and I have been reading the Agile web development with rails book.
I am working on Iteration B1: Validating, and I am really confused by the symbol :product while I am working on the test. The question is about the ":product => #update"
I really have no idea what does this mean and where the :product symbol come from. I know it is a hash, but which table does it hash to? what exactly does it do here? The code is as following. Thank you in advance.
require 'test_helper'
class ProductsControllerTest < ActionController::TestCase
setup do
#product = products(:one)
#update = {
:title => 'Lorem Ipsum',
:description => 'Wibbles are fun!',
:image_url => 'lorem.jpg',
:price => 19.95
}
end
test "should get index" do
get :index
assert_response :success
assert_not_nil assigns(:products)
end
test "should get new" do
get :new
assert_response :success
end
test "should create product" do
assert_difference('Product.count') do
***post :create, :product => #update***
end
assert_redirected_to product_path(assigns(:product))
end
# ...
test "should show product" do
get :show, :id => #product.to_param
assert_response :success
end
test "should get edit" do
get :edit, :id => #product.to_param
assert_response :success
end
test "should update product" do
put :update, :id => #product.to_param, :product => #update
assert_redirected_to product_path(assigns(:product))
end
# ...
test "should destroy product" do
assert_difference('Product.count', -1) do
delete :destroy, :id => #product.to_param
end
assert_redirected_to products_path
end
end

There is nothing magical about this construct. The #update is a variable name that references a hash. The hash is declared earlier in your test file.
#update = {
:title => 'Lorem Ipsum',
:description => 'Wibbles are fun!',
:image_url => 'lorem.jpg',
:price => 19.95
}
This hash contains new data that should be passed to the update action in the products controller. It's confusing because of the way the variable is named. A better name might help:
#product_attributes
The products#update action expects a hash containing updated data. That data is used to update the object.
The following line in your test...
post :update, :product => #update
Corresponds to this line you probably have in your products controller:
if #product.update_attributes(params[:product])
Notice params[:product]. It's basically saying "make a post request to products#update and pass it the #update hash as :product.
And that explains the symbol part. The :product symbol in your test is the name of the parameter that contains the product data, that the update action expects.
post :update, :product => #update
In theory you can call it whatever you want. But per convention it helps to call it the resource name.

Ruby On Rails 3 Tutorial Chap 8: Unit tests not passing

I'm working through Hartl's book and I'm up to chapter 8. I've written some tests that I believe should be passing. I've quadruple checked my code against what's in the book, and double checked it against what's in the book's github repo, but I'm stumped. I'm getting the following errors from RSpec:
Failures:
1) UsersController POST 'create' should redirect to the user "show" page
Failure/Error: response.should redirect_to(user_path(assigns(:user)))
ActionController::RoutingError:
No route matches {:action=>"show", :controller=>"users", :id=>#<User id: nil, name: nil, email: nil, created_at: nil, updated_at: nil, encrypted_password: nil, salt: nil>}
# ./spec/controllers/users_controller_spec.rb:93:in `block (3 levels) in <top (required)>'
2) UsersController POST 'create' should have a welcome message
Failure/Error: flash[:success].should =~ /welcome to the sample app/i
expected: /welcome to the sample app/i
got: nil (using =~)
# ./spec/controllers/users_controller_spec.rb:98:in `block (3 levels) in <top (required)>'
Finished in 0.83875 seconds
46 examples, 2 failures
Like I said, I've checked the code again and again. Restarted spork, restarted rails server, ran without spork. I've checked it against the code in the book and in the github repo. I've even copy/pasted the spec and controller code in the github repo, but all to no avail.
I'm stumped. It's late and I need to crash. :)
Hopefully one of you guys can see something I'm not. Here's what I've got so far...
users_controller_spec.rb
require 'spec_helper'
describe UsersController do
render_views
# ...
describe "POST 'create'" do
# ...
describe 'success' do
before(:each) do
#attr = { :name => 'New User', :email => 'some-email#gmail.com', :password => 'foobar', :password_confirmation => 'foobar' }
end
it 'should create a new user' do
lambda do
post :create, :user => #attr
end.should change(User, :count).by(1)
end
end
it 'should redirect to the user "show" page' do
post :create, :user => #attr
response.should redirect_to(user_path(assigns(:user)))
end
it 'should have a welcome message' do
post :create, :user => #attr
flash[:success].should =~ /welcome to the sample app/i
end
end
end
users_controller.rb
class UsersController < ApplicationController
def new
#user = User.new
#title = 'Sign up'
end
def show
#user = User.find params[:id]
#title = #user.name
end
def create
#user = User.new(params[:user])
if #user.save
flash[:success] = 'Welcome to the Sample App!'
redirect_to #user
else
#title = 'Sign up'
render 'new'
end
end
end
user.rb
class User < ActiveRecord::Base
# Virtual properties (don't exist in db)
attr_accessor :password
# Accessible properties
attr_accessible :name, :email, :password, :password_confirmation
email_regex = /\A[\w+\-.]+#[a-z\d\-.]+\.[a-z]+\z/i
validates :name, :presence => true,
:length => { :maximum => 50 }
validates :email, :presence => true,
:format => { :with => email_regex },
:uniqueness => { :case_sensitive => false }
validates :password, :presence => true,
:confirmation => true,
:length => { :within => 6..40 }
before_save :encrypt_password
# Return true if the user's password matches the submitted password
def has_password?(submitted_password)
# Compare encrypted_password with the encrypted version of submitted_password
encrypted_password == encrypt(submitted_password)
end
# Static/Class methods
def self.authenticate(email, submitted_password)
user = find_by_email email
return nil if user.nil?
return user if user.has_password? submitted_password
end
# Private functionality.
# Anything after the 'private' pragma will be inaccessable from outside the class
private
def encrypt_password
self.salt = make_salt if new_record? # Using ActiveRecord goodness to make sure this only gets created once.
self.encrypted_password = encrypt(password)
end
def encrypt(string)
secure_hash("#{salt}--#{string}")
end
def make_salt
secure_hash("#{Time.now.utc}--#{password}")
end
def secure_hash(string)
Digest::SHA2.hexdigest(string)
end
end
routes.rb
SampleApp::Application.routes.draw do
#get '/users/new'
resources :users
match '/signup' => 'users#new'
match '/about' => 'pages#about'
match '/contact' => 'pages#contact'
match '/help' => 'pages#help'
root :to => 'pages#home'
end
Thanks in advance. If you guys really want to dig through or if I've missed something in my post, here's my code.
I'm very new to rails, and absolutely love it so far. Any help will be greatly appreciated.

Look closely at your users_controller_spec "success" spec: when will it create #attr? Before each test, or just before the "should create a new user" test? You use it in all the "POST 'create'" tests...
Once you make that non-spec-specific your tests will pass.
(By the way, having the code up in git is handy, but only if the code you're posting is actually checked in, otherwise... not as much ;)

your
it "should redirect to the user show page"
and
it "should have a welcome message"
is outside of the
describe "success" do
loop

What are the right parameters for a rspec put request on my stub

I have a controller spec and I get following failed expectation:
Failure/Error: put :update, :id => login_user.id, :user => valid_attributes
#<User:0xbd030bc> received :update_attributes with unexpected arguments
expected: ({:name=>"changed name", :email=>"changed#mail.com", :password=>"secret", :password_confirmation=>"secret"})
got: ({"name"=>"Test user", "email"=>"user#test.com", "password"=>"secret", "password_confirmation"=>"secret"})
And for me it looks like I am passing in "name" => "Test User" and I am expecting :name => "test user"
my spec looks like this:
describe 'with valid parameters' do
it 'updates the user' do
login_user = User.create!(valid_attributes)
controller.stub(:current_user).and_return(login_user)
User.any_instance.
should_receive(:update_attributes).
with(valid_attributes.merge(:email => "changed#mail.com",:name=>"changed name"))
put :update, :id => login_user.id, :user => valid_attributes
end
end
and I have something like this for my valid attributes:
def valid_attributes
{
:name => "Test user",
:email=> "user#test.com",
:password => "secret",
:password_confirmation => "secret"
}
end
so what is wrong with my parameters any suggestions?
I am using Rails 3.0.5 with rspec 2.6.0...

The failure message is telling you exactly what's going on: any instance of User is expecting update_attributes with a hash including :email => "changed#mail.com", but it's getting :email => "user#test.com" because that's what's in valid_attributes. Similarly, it's expecting :name => "changed_name", but gets :name => "Test user" because that's what's in valid_attributes.
You can simplify this example and avoid this confusion. There is no need to use valid_attributes here because should_receive intercepts the update_attributes call anyhow. I usually do this like so:
controller.stub(:current_user).and_return(mock_model(User)) # no need for a real user here
User.any_instance.
should_receive(:update_attributes).
with({"these" => "params"})
put :update, :id => login_user.id, :user => {"these" => "params"}
This way the expected and actual values are right in the example and it makes clear that it doesn't really matter what they are: whatever hash is passed in as :user is passed directly to update_attributes.
Make sense?

rails 3 tutorial : rspec + factory_girl_rails problem

i've been following the Rails tutorial (http://railstutorial.org/chapters/beginning , Rails 3 version), and i've stopped at 11th chapter when using Factory Girl and Rspec, I have a test that isn't passing and I feel I'm doing something wrong but I don't see what.
First of all there is a git repository on Github with the code that doesn't pass that test.
http://github.com/Monomachus/ch3_static_pages
So I got users model
class User < ActiveRecord::Base
attr_accessor :password
attr_accessible :name, :email, :password, :password_confirmation
has_many :microposts
.
.
.
I got microposts model
class Micropost < ActiveRecord::Base
attr_accessible :content
belongs_to :user
default_scope :order => 'microposts.created_at DESC'
end
Then I got Factory girl settings
Factory.define :user do |user|
user.name "Michael Hartl"
user.email "mhartl#example.com"
user.password "foobar"
user.password_confirmation "foobar"
end
Factory.define :micropost do |micropost|
micropost.content "Foo bar"
micropost.association :user
end
And finally Rspec code
require 'spec_helper'
describe Micropost do
.
.
describe "microposts associations" do
before(:each) do
#user = User.create(#attr)
#mp1 = Factory(:micropost, :user => #user, :created_at => 1.day.ago)
#mp2 = Factory(:micropost, :user => #user, :created_at => 1.hour.ago)
end
it "should have a microposts attribute" do
#user.should respond_to(:microposts)
end
it "should be in the reverse order of appearing" do
#user.microposts.should == [#mp2, #mp1]
end
end
end
And I got the error which definitely tells me that I do something wrong.
Failures:
1) Micropost microposts associations should be in the reverse order of appearing
Failure/Error: #user.microposts.should == [#mp2, #mp1]
expected: [#<Micropost id: 2, content: "Foo bar", user_id: nil, created_at: "2010-12-24 12:47:02", update
d_at: "2010-12-24 13:47:02">, #<Micropost id: 1, content: "Foo bar", user_id: nil, created_at: "2010-12-23 13:
47:02", updated_at: "2010-12-24 13:47:02">],
got: [] (using ==)
Diff:
## -1,3 +1,2 ##
-[#<Micropost id: 2, content: "Foo bar", user_id: nil, created_at: "2010-12-24 12:47:02", updated_at: "20
10-12-24 13:47:02">,
- #<Micropost id: 1, content: "Foo bar", user_id: nil, created_at: "2010-12-23 13:47:02", updated_at: "20
10-12-24 13:47:02">]
+[]
# ./spec/models/micropost_spec.rb:42:in `block (3 levels) in <top (required)>'
As you can see even the user_id property is not set correctly +
apparently #user.microposts doesn't have any elements.
Please help me with this issue thanks.

Well the answer was simple :)
I included microposts associations in the Micropost spec.
And clearly
describe "microposts associations" do
before(:each) do
#user = User.create(#attr)
#mp1 = Factory(:micropost, :user => #user, :created_at => 1.day.ago)
#mp2 = Factory(:micropost, :user => #user, :created_at => 1.hour.ago)
end
it "should have a microposts attribute" do
#user.should respond_to(:microposts)
end
it "should be in the reverse order of appearing" do
#user.microposts.should == [#mp2, #mp1]
end
end
#attr did not contain the user properties but the micropost properties and of course #user = nil and then everything makes sense. So if you do have the same problem, include this code into User spec.
Now all my tests pass :)

By the time I had finished the pagination chapter, the tutorial was creating 100 sample users using Faker (listing 10.25 on page 390), and in RubyMine I was able to see my test was failing because the program was throwing an exception on duplicate user email address (which has a unique constraint). The #attr on line 8 of user_spec.rb has :email => "user#example.com", however this throws an exception since it's a duplicate email (I guess because Faker has already created it).
For me the fix was to copy #attr from line 8 and paste it into the describe "micropost associations" block (user_spec.rb), and change the email address to :email => "user#example999.com". I'm sure this is a total hack but I'm a n00b.
Update:
Another fix for me was to comment out the line #user = User.create(#attr), and simply create #mp1 and #mp2.

I was also getting test failure in this section, even though I already had "micropost associations" in user_spec.rb. Turns out I needed to restart spork and autotest in order to get them to use the new "micropost" factory in factories.rb.