Ruby on Rails 3.2
My form is creating a new distributor. I have added the gem 'bcrypt-ruby', '3.0.1', my database table has password_digest: string and my model has :password, :password_confirmation, and has_secure_password.
When I submit my form the error I get is Password digest can't be blank.
This is what is POSTed:
Started POST "/distributors" for x.x.x.x at 2014-03-14 12:59:07 -0700
Processing by DistributorsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"x=", "distributor"=>{"company_name"=>"First Account", "company_website
"=>"First.com", "contact_name"=>"First", "contact_email"=>"first#moon.com", "contact_title"=>"owner", "company_phone"=>"555-665-5555", "company_region"=>"Asia Paci
fic", "company_address"=>"172 E Center Street", "company_country"=>"Cambodia", "company_city"=>"Covina", "company_state"=>"Not Applicable", "company_zip"=>"01970",
"sales_contact_name"=>"Bob", "sales_contact_email"=>"bobby#moon.com", "tech_contact_name"=>"Steph", "tech_contact_email"=>"steph#moon.com", "additional_name"=>"",
"additional_email"=>"", "additional_name2"=>"", "additional_email2"=>"", "area_served"=>["", "Bangladesh"], "terms_and_conditions"=>"1"}, "commit"=>"Register"}
Distributor Load (0.1ms) SELECT `distributors`.* FROM `distributors` WHERE `distributors`.`contact_email` = 'first#moon.com' LIMIT 1
(0.1ms) BEGIN
Distributor Exists (0.2ms) SELECT 1 AS one FROM `distributors` WHERE `distributors`.`contact_email` = 'first#moon.com' LIMIT 1
(0.1ms) ROLLBACK
Does someone know what I'm missing? Thank you
Your log is missing both the password and password_confirmation fields being set. It should look more like this
{"utf8"=>"✓", "authenticity_token"=>"dsdfhjdskhfsdfhjsdfhjsdfhjdsfhjsdfE=", "user"=>{"email"=>"email#provider.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Register"}
The hash you post to your distributors route does not contain any information about a password. It is not possible to create a distributor without a password, with the code you have written. So the error message is perfectly correct.
You need to add a password and a password_confirmation field to your webpage.
Related
I'm currently building a small website for a friend, and I want him to be able to change his password, since the one he'll get is seeded and visible from the Git repository (don't worry, he's well aware this is the first thing he'll have to change)
I'm used to Ruby on Rails in general, but this is the first time for me that I use an API instead of the "standard" version of Rails, and I'm not used at all with everything about tokens and such.
In the back-office where he can change some elements from the website, I made a specific page where he can change some details such as his biography, his profile picture, his social networks links, etc etc. On this page, I added a part where he can change his password, with the fields current_password, password and password_confirmation. I also started to setup some verifications, but the thing is that if I type 3 times "password" in the fields, I'll get the following error:
ActiveRecord::RecordInvalid | Validation failed: password can't be blank
What troubles me are two elements: the first one is that the error is not returned as JSON, but as HTML (this is my first question, how can I force the format to JSON?), and I made sure that the passwords were sent to the API (front is VueJS, but this is not the problem), but it still shows up the error.
Here is my code:
users_controller.rb
# ...
wrap_parameters :user, include: %i[password password_confirmatioon current_password]
# ...
def profile
if #user.update(user_params)
render json: #user, status: :ok
else
render json: #user.errors, status: :unprocessable_entity
end
#user.reset_password!(user_params[:new_password])
end
user.rb
class User < ApplicationRecord
mount_base64_uploader :picture, BioFaceUploader
include ActiveModel::Serializers::JSON
has_secure_password
attr_accessor :old_password
attr_accessor :profile
def generate_password_token!
begin
self.reset_password_token = SecureRandom.urlsafe_base64
end while User.exists?(reset_password_token: reset_password_token)
self.reset_password_token_expires_at = 1.day.from_now
save!
end
def reset_password!(password)
self.reset_password_token = nil
self.password = password
save!
end
def clear_password_token!
self.reset_password_token = nil
self.reset_password_token_expires_at = nil
save!
end
end
** edit: this is the server log input when I try to POST the new password**
Started POST "/profile" for 127.0.0.1 at 2018-09-21 13:15:33 +0200
Processing by UsersController#profile as HTML
Parameters: {"id"=>1, "email"=>"email#email.me", "password_digest"=>"[FILTERED]", [some more unrelated datas], "created_at"=>"2018-09-17T11:38:27.464Z", "updated_at"=>"2018-09-21T10:23:50.233Z", "reset_password_token"=>"[FILTERED]", "reset_password_token_expires_at"=>"[FILTERED]", "password"=>"[FILTERED]", "current_password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "user"=>{"password"=>"[FILTERED]", "current_password"=>"[FILTERED]"}}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT ? [["id", 1], ["LIMIT", 1]]
↳ app/controllers/users_controller.rb:39
Unpermitted parameters: :password, :current_password
Unpermitted parameters: :password, :current_password
(0.1ms) begin transaction
↳ app/controllers/users_controller.rb:27
(0.1ms) commit transaction
↳ app/controllers/users_controller.rb:27
Unpermitted parameters: :password, :current_password
(0.1ms) begin transaction
↳ app/models/user.rb:21
(0.1ms) rollback transaction
↳ app/models/user.rb:21
Completed 500 Internal Server Error in 32ms (Views: 0.6ms | ActiveRecord: 1.5ms)
As you can see, 2 fields were unauthorized, I added them to the allowed parameters, but now I have the following error:
Unknown attribute 'current_password' for User
Should I add it to the attr_accessor's list?
What should I do to fix this?
Thank you in advance
I am taking over a project where Devise is in use. No signup needed because users are created when they provide their email for another purpose. Then the user receives an email with the link to password setup.
Now I want to also allow signup, but it still searches for an existing email, as seen in the log (several user models, the one used here is Traveler):
Started POST "/en/travelers" for 127.0.0.1 at 2015-10-02 09:07:09 +0200
Processing by DeviseInvitable::RegistrationsController#create as HTML Parameters: {"utf8"=>"✓", "authenticity_token"=>"blah", "traveler"=>{"email"=>"test#test.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up", "protocol"=>"https"}
Traveler Load (3.3ms) SELECT "travelers".* FROM "travelers" WHERE "travelers"."email" = 'test#test.com' ORDER BY "travelers"."id" ASC LIMIT 1
(1.7ms) BEGIN
Traveler Exists (2.4ms) SELECT 1 AS one FROM "travelers" WHERE "travelers"."email" = 'test#test.com' LIMIT 1
(1.6ms) ROLLBACK
Rendered devise/registrations/new.html.erb within layouts/auth/application (14.4ms)
Rendered layouts/auth/_flash.html.erb (0.3ms)
Rendered layouts/auth/_footer.html.erb (1.3ms)
Completed 200 OK in 282ms (Views: 153.6ms | ActiveRecord: 11.0ms)
I haven't seen anything in the routes or controllers that would make that happen, any ideas on where I could investigate?
I think that your traveller is invalid. E.g. traveller with this email exists. Check it and unique constraints.
I'm new with BDD approach and I'm studying to put that in all my future projects.
I'm trying to run a simple test in which the user has to be logged to access a specific page (the Create New Fair page) and fill a field form before submit.
It seems I was able to manage login since the test passed but when I try to access Fair page I'm always redirected to the welcome/index for some reason I don't understand. As result of this I receive a "Unable to find button "Create Fair" message in the next next.
Here my files to let you understand my problem:
fairs.feature:
Feature: Fairs
In order to create a new Fair
A user must be logged
Should fill fair form
Scenario: Create a new Fair
Given I'm logged as superuser
And I'm on the add Fair page
And I fill in "name"
When I press "Create Fair"
Then A new fair should be created with success
create_fair_steps.rb (only steps I've problem with):
Given(/^I'm logged as superuser$/) do
user = build(:user)
login_as(user, :scope => :user, :run_callbacks => false)
#Warden.test_reset!
end
Given(/^I'm on the add Fair page$/) do
visit('/it/fairs/new')
end
When(/^I press "(.*?)"$/) do |confirm_button|
#submit_form "new_fair"
click_button confirm_button
end
users.rb ()
FactoryGirl.define do
factory :user, class: User do
email "admin#email.com"
password "superadmin"
end
end
To use FactoryGirl i've added the following line to the env.rb file:
World(FactoryGirl::Syntax::Methods)
The output log
Feature: Fairs
In order to create a new Fair
A user must be logged
Should fill fair form
Scenario: Create a new Fair # features/fairs.feature:6
(0.1ms) begin transaction
(0.1ms) commit transaction
(0.1ms) begin transaction
Given I'm logged as superuser # features/step_definitions/create_fair_steps.rb:4
Started GET "/it/fairs/new" for 127.0.0.1 at 2014-07-31 17:50:42 +0200
Processing by FairsController#new as HTML
Parameters: {"locale"=>"it"}
Redirected to http://www.example.com/it
Completed 302 Found in 254ms (ActiveRecord: 0.4ms)
Started GET "/it" for 127.0.0.1 at 2014-07-31 17:50:42 +0200
User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."id" IS NULL ORDER BY "users"."id" ASC LIMIT 1
Processing by WelcomeController#home as HTML
Parameters: {"locale"=>"it"}
Redirected to http://www.example.com/it/home
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)
Started GET "/it/home" for 127.0.0.1 at 2014-07-31 17:50:42 +0200
Processing by WelcomeController#index as HTML
Parameters: {"locale"=>"it"}
Rendered welcome/index.html.erb within layouts/site (3.2ms)
Completed 200 OK in 314ms (Views: 298.8ms | ActiveRecord: 0.0ms)
And I'm on the add Fair page # features/step_definitions/create_fair_steps.rb:10
And I fill in "name" # features/step_definitions/create_fair_steps.rb:14
When I press "Create Fair" # features/step_definitions/create_fair_steps.rb:18
Unable to find button "Create Fair" (Capybara::ElementNotFound)
./features/step_definitions/create_fair_steps.rb:20:in `/^I press "(.*?)"$/'
features/fairs.feature:10:in `When I press "Create Fair"'
Then A new fair should be created with success # features/step_definitions/create_fair_steps.rb:23
(0.1ms) rollback transaction
Failing Scenarios:
cucumber features/fairs.feature:6 # Scenario: Create a new Fair
1 scenario (1 failed)
5 steps (1 failed, 1 skipped, 3 passed)
If you need more information let me know. Any help is appreciated, thanks :)
No other answers I found on that issue helped me.
I have a terms and conditions box and want to validate if it's checked on creation.
In my model:
validates :terms_and_conditions, :on => :create, acceptance: true, :allow_nil => false
In my view:
<%= f.check_box(:terms_and_conditions )%>
It always fails, no matter if the check_box is checked or not. I think it never actually sets the field and the problem is in my view, but I can't find it.
Log when submitting the form.
Processing by Users::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"xNNmGTWSV4hkj0rrlZeOq+AiTlJ9sc9+cAT1Sy0bjhc=", "user"=>{"email"=>"sdasdr#gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "name"=>"", "surname"=>"", "country_id"=>"", "language"=>"", "description"=>"", "register_as_company"=>"1", "terms_and_conditions"=>"1"}, "commit"=>"Sign up"}
Unpermitted parameters: name, surname, country_id, language, description, register_as_company, terms_and_conditions
[1m[35m (0.1ms)[0m begin transaction
[1m[36mUser Exists (0.3ms)[0m [1mSELECT 1 AS one FROM "users" WHERE "users"."email" = 'sdasdr#gmail.com' LIMIT 1[0m
[1m[35m (0.1ms)[0m rollback transaction
[1m[36mCountry Load (0.2ms)[0m [1mSELECT "countries".* FROM "countries"[0m
Rendered devise/registrations/new.html.erb within layouts/application (6.1ms)
Rendered layouts/_auth_widget.html.erb (1.1ms)
Completed 200 OK in 127ms (Views: 22.8ms | ActiveRecord: 0.7ms)
You have not permitted terms_and_conditions attribute to be saved in the database. If you notice the server logs closely,
Unpermitted parameters: name, surname, country_id, language, description, register_as_company, terms_and_conditions
there are multiple attributes which are not permitted so all of them are not getting saved in database. terms_and_conditions goes as nil and results in error as the value submitted via form is ignored (because of unpermitted status).
This is related to Rails 4 Strong Parameters concept wherein only those attributes would be saved in database which are whitelisted/ permitted.
Checkout the information on Strong Parameters
Also, as per the server log I noticed that these attributes are part of User model which is a Devise model. Permitting attributes for Devise can be done in different ways,
you can refer to SO Question: Rails devise simple form not saving all fields for this.
I took about a week off from working on "Mattan Griffel's One Month Rails." For some reason when I returned, either the password or the email was invalid for my localhost:3000. Mattan led us through the process of signing up on our localhost page with the email: user#example.com and password: foobar, but it won't work for me now. Could this be my fault with a syntax error in sublime, or what could be the problem?
This is what the Terminal reads when it doesn't go through:
Started POST "/users/sign_in" for 127.0.0.1 at 2013-06-06 13:53:44 -0600
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"8rUKRPLsIttdHhv49tgT8KcvKbjT9mMP/lP5M/N8uPQ=", "user"=>{"email"=>"user#example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."email" = 'user#example.com' LIMIT 1
Given that this worked before, but it's not anymore, I'm guessing that you're probably just using the wrong password.
Try the following to reset your password in the Rails console:
User.find_by_email('user#example.com').update_attribute(:password, 'your_new_password')
Then, try logging back in and see what happens.