I'm trying to update multiple records. The form generates fine and submits fine and the data is sent. The records are looked up to update, but no data is ever saved. I have my controller logic, form logic and console dump below. I'm trying to duplicate what Anthony Lewis put together but I have a feeling I am not passing the right data into or defining correctly the params.require().permit() method. Thanks in advance for your help!
class ConfigController < ApplicationController
def edit
#services = Service.all
end
def update
params["service"].keys.each do |id|
#service = Service.find(id.to_i)
#service.update_attributes!(service_params)
end
redirect_to config_url
end
private
def service_params
params.require(:service).permit(:id, :client_id, :client_secret)
end
end
Form code is:
<%= form_for :service, :url => update_config_path, :html => { :class => "form-horizontal", :method => "put", :remote => true } do %>
<% #services.each do |s| %>
<%= fields_for "service[]", s do |service_field| %>
<fieldset>
<legend><%= s.name %></legend>
<div class="form-group">
<%= service_field.label :client_id, "Consumer Key", :class => "col-sm-2 control-label" %>
<div class="col-sm-10">
<%= service_field.text_field :client_id, :class => "form-control" %>
</div>
</div>
<div class="form-group">
<%= service_field.label :client_secret, "Consumer Secret", :class => "col-sm-2 control-label" %>
<div class="col-sm-10">
<%= service_field.text_field :client_secret, :class => "form-control" %>
</div>
</div>
</fieldset>
<% end %>
<% end %>
<%= submit_tag %>
<% end %>
Console reads:
Started PUT "/config" for 127.0.0.1 at 2013-11-22 15:44:08 -0800
Processing by ConfigController#update as JS
Parameters: {"utf8"=>"✓", "service"=>{"1"=>{"client_id"=>"testid", "client_secret"=>"testsecret"}, "2"=>{"client_id"=>"testkey", "client_secret"=>""}, "3"=>{"client_id"=>"", "client_secret"=>""}}, "commit"=>"Save changes"}
Service Load (0.3ms) SELECT "services".* FROM "services" WHERE "services"."id" = $1 LIMIT 1 [["id", 1]]
Unpermitted parameters: 1, 2, 3
(0.1ms) BEGIN
(0.1ms) COMMIT
Unpermitted parameters: 1, 2, 3
{}
Service Load (0.2ms) SELECT "services".* FROM "services" WHERE "services"."id" = $1 LIMIT 1 [["id", 2]]
Unpermitted parameters: 1, 2, 3
(0.1ms) BEGIN
(0.1ms) COMMIT
Unpermitted parameters: 1, 2, 3
{}
Service Load (0.2ms) SELECT "services".* FROM "services" WHERE "services"."id" = $1 LIMIT 1 [["id", 3]]
Unpermitted parameters: 1, 2, 3
(0.1ms) BEGIN
(0.1ms) COMMIT
Unpermitted parameters: 1, 2, 3
{}
Redirected to http://localhost:3000/config
Completed 302 Found in 6ms (ActiveRecord: 1.1ms)
I found a solution, but perhaps it isn't the best. Let me know if someone has a better idea and I'd be happy to try it!
In the solution I updated my controllers update action and the service_params.
I passed id to service_params and called fetch method on the require method to get the correct params. I noticed that in the console it read Unpermitted parameters: 1, 2, 3 when it was saving each record indicating the params were an array and I also noticed in #Vijay's solution he tried to narrow down the params as well. After some Googling and console logging I came up with the code below.
def update
params["service"].keys.each do |id|
#service = Service.find(id.to_i)
#service.update_attributes!(service_params(id))
end
redirect_to config_url
end
def service_params(id)
params.require(:service).fetch(id).permit( :client_id, :client_secret )
end
What do you think?
Try this...
params.require(:service).permit( id: [ :client_id, :client_secret ] )
Your strong parameters line should be
params.require(:service).permit( [:id, :client_id, :client_secret ] )
This permits arrays of values
http://guides.rubyonrails.org/action_controller_overview.html#more-examples
Try this one and it will work.
Let me know if you get any issue
def service_params
params.require(:service).map do |_, p|
p.permit(:id, :client_id, :client_secret)
end
end
http://blog.sensible.io/2013/08/17/strong-parameters-by-example.html
Please try:
def update
Service.update(service_params.keys, service_params.values
end
def service_params
params.permit(service: [:client_id, :client_secret]).require(:service)
end
Related
So my reconciliation model looks like this:
class Reconciliation < ApplicationRecord
belongs_to :location
belongs_to :company
has_and_belongs_to_many :inventory_items
accepts_nested_attributes_for :inventory_items, allow_destroy: true
end
My InventoryItem model looks like this:
class InventoryItem < ApplicationRecord
belongs_to :product
belongs_to :location, inverse_of: :inventory_items
has_and_belongs_to_many :reconciliations
end
In my ReconciliationsController, this is what my reconciliation_params looks like:
def new
#location = Location.find(params[:location_id])
#reconciliation = #location.reconciliations.new
#inventory_items = #location.inventory_items
#start_index = 0
#next_index = #start_index + 1
end
def reconciliation_params
params.require(:reconciliation).permit(:inventory_item_id, :location_id, :display_id, :inventory_items,
inventory_items_attributes: [:id, :quantity_left, :quantity_delivered, :_destroy]
)
end
This is the relevant section of my routes.rb:
resources :locations, shallow: true do
resources :inventory_items
resources :reconciliations
end
This is my views/reconciliations/_form.html.erb:
<%= simple_form_for #reconciliation, url: :location_reconciliations do |f| %>
<%= f.error_notification %>
<div class="form-inputs">
<%= f.input :location_id, as: :hidden %>
<%= f.simple_fields_for :inventory_item do |inventory| %>
<%= inventory.input :quantity_left %>
<%= inventory.input :quantity_delivered %>
<% end %>
</div>
<div class="form-actions">
<%= f.button :submit, "Update", class: "btn btn-primary" %>
</div>
<% end %>
This is my app/views/reconciliations/new.html.erb:
<% if params[:next].nil? %>
<%= render 'form', reconciliation: #reconciliation, inventory_item: #inventory_items[#start_index] %>
<% else %>
<%= render 'form', reconciliation: #reconciliation, inventory_item: #inventory_items[#next_index] %>
<% end %>
This is my log when I try to create a reconciliation object:
Started POST "/locations/2/reconciliations" for 127.0.0.1 at 2018-03-24 23:16:33 -0500
Processing by ReconciliationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"JZvhwloo0+XM9bmptxXGfnDw==", "reconciliation"=>{"location_id"=>"2", "inventory_item"=>{"quantity_left"=>"1", "quantity_delivered"=>"170"}}, "commit"=>"Update", "location_id"=>"2"}
Unpermitted parameter: :inventory_item
Location Load (0.9ms) SELECT "locations".* FROM "locations" WHERE "locations"."id" = $1 LIMIT $2 [["id", 2], ["LIMIT", 1]]
(0.6ms) BEGIN
(0.7ms) ROLLBACK
Rendering reconciliations/new.html.erb within layouts/application
InventoryItem Load (1.0ms) SELECT "inventory_items".* FROM "inventory_items" WHERE "inventory_items"."location_id" = $1 [["location_id", 2]]
Product Load (1.0ms) SELECT "products".* FROM "products" WHERE "products"."id" = $1 LIMIT $2 [["id", 2], ["LIMIT", 1]]
Rendered reconciliations/_form.html.erb (45.9ms)
Rendered reconciliations/new.html.erb within layouts/application (66.8ms)
Rendered shared/_navbar.html.erb (1.3ms)
Completed 200 OK in 202ms (Views: 115.1ms | ActiveRecord: 29.1ms)
I have tried simply adding :inventory_item to my params.require(:reconciliation).permit(..), but that doesn't work.
What am I missing?
Edit 1
When I checked the HTML for the inputs on my form, within the simple_fields_for, the HTML seems to be fine:
<input class="string required" type="text" name="reconciliation[inventory_item][quantity_left]" id="reconciliation_inventory_item_quantity_left">
Edit 2
When I change the simple_fields_for call to be plural, i.e. :inventory_items, rather than :inventory_item like this:
That entire portion of the form disappears altogether.
This is what the HTML looks like:
<div class="form-inputs">
<div class="input hidden reconciliation_location_id"><input class="hidden" type="hidden" value="2" name="reconciliation[location_id]" id="reconciliation_location_id"></div>
</div>
This is how the HTML looks when that simple_field_for :inventory_item is singular:
<div class="form-inputs">
<div class="input hidden reconciliation_location_id"><input class="hidden" type="hidden" value="2" name="reconciliation[location_id]" id="reconciliation_location_id"></div>
<div class="input string required reconciliation_inventory_item_quantity_left"><label class="string required" for="reconciliation_inventory_item_quantity_left"><abbr title="required">*</abbr> Quantity left</label><input class="string required" type="text" name="reconciliation[inventory_item][quantity_left]" id="reconciliation_inventory_item_quantity_left"></div>
<div class="input string required reconciliation_inventory_item_quantity_delivered"><label class="string required" for="reconciliation_inventory_item_quantity_delivered"><abbr title="required">*</abbr> Quantity delivered</label><input class="string required" type="text" name="reconciliation[inventory_item][quantity_delivered]" id="reconciliation_inventory_item_quantity_delivered"></div>
</div>
I have tried simply adding :inventory_item to my params.require(:reconciliation).permit(..), but that doesn't work.
If you want permit inventory_item, you must specify its structure, because it is not a simple field, but a hash:
def reconciliation_params
params.require(:reconciliation).permit(:location_id, :display_id, inventory_item: [:id, :quantity_left, :quantity_delivered] )
end
By looking at your log, you are not passing the inventory_item_id, which might be needed to update this specific item:
Parameters: {"utf8"=>"✓", "authenticity_token"=>"JZvhwloo0+XM9bmptxXGfnDw==",
"reconciliation"=>{"location_id"=>"2", "inventory_item"=>
{"quantity_left"=>"1", "quantity_delivered"=>"170"}},
"commit"=>"Update", "location_id"=>"2"}
You could add it as a hidden field in the nested form.
Form of association should be plural f.simple_fields_for :inventory_items.
You should initialize a new inventory_item object in the new controller's action
def new
#reconciliation = Reconciliation.new
# you can create as many new items as you want
#reconciliation.inventory_items.build
end
If you want to dynamically add items to the form i advise you to use https://github.com/nathanvda/cocoon
BUT it looks like you want to add existing inventory_item to a new reconciliation, you better use has_many through assocations http://guides.rubyonrails.org/association_basics.html#choosing-between-has-many-through-and-has-and-belongs-to-many
Its easier to add a join model objects with neccessary fields and associations.
Another advise: do not send local variable to partial if you are using instance variable in this partial
# render partial
render 'form', reconciliation: #reconciliation
# partial with form for local variable
simple_form_for reconciliation
and i think your form partial will not work for the edit action because of hardcoded url, you can pass url in a variable:
# new html
render 'form', reconciliation: #reconciliation, url_var: location_reconciliations(#location)
# edit
render 'form', reconciliation: #reconciliation, url_var: reconciliations(#reconciliation)
# form
simple_form_for reconciliation, url: url_var
Good day all, I'm pulling my hair out on this one, I've seen similar posts but none of them get me in the direction I'm trying to go.
That said, I've got a pretty complex app that's relying heavily on nested resources and name-spacing, when I save a record it saves perfectly
and redirects correctly. When I update that same record the URL changes but not as I would expect. I understand the flow from edit to update and
the set_input call pulling the params[:id], what I don't understand is why the URL is changing the parents resource to reflect the record ID.
/servers/1/features/rsyslog_inputs/12/edit"
changes to the following after update
/servers/12/features/rsyslog_inputs/12/edit"
LOGS
Started GET "/servers/1/features/rsyslog_inputs/12/edit" for 127.0.0.1 at 2017-12-08 12:27:55 -0600
Processing by Features::RsyslogInputsController#edit as HTML
Parameters: {"server_id"=>"1", "id"=>"12"}
RsyslogInput Load (0.6ms) SELECT "rsyslog_inputs".* FROM "rsyslog_inputs" WHERE "rsyslog_inputs"."id" = $1 LIMIT $2 [["id", 12], ["LIMIT", 1]]
Rendering features/rsyslog_inputs/edit.html.erb within layouts/application
Rendered shared/_error_messages.html.erb (0.4ms) [cache miss]
Rendered features/rsyslog_inputs/_form.html.erb (4.3ms) [cache miss]
Rendered features/rsyslog_inputs/edit.html.erb within layouts/application (6.5ms)
Rendered layouts/_shim.html.erb (0.5ms) [cache miss]
User Load (1.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 1], ["LIMIT", 1]]
Rendered layouts/_navbar_top.html.erb (0.9ms) [cache miss]
Rendered layouts/_navbar_side.html.erb (0.5ms) [cache miss]
Completed 200 OK in 90ms (Views: 84.7ms | ActiveRecord: 1.7ms)
Here the PATCH has modified the servers/:id to reflect the id of the rsyslog_inputs and not retained its "1" as shown above
Started PATCH "/servers/12/features/rsyslog_inputs/12" for 127.0.0.1 at 2017-12-08 12:27:58 -0600
Processing by Features::RsyslogInputsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"dFt61NcQWXoKpmScrkngT47ZxDdhzMUcCyJ5fZKrdbaOVqKfLXMVeBUj20zKKHQ8wGe4fi2QEw98cLviyO4wQw==", "rsyslog_input"=>{"inputs_interface"=>"eth04", "inputs_ip_address"=>"1.1.1.1", "inputs_input_type"=>"tcp", "inputs_port_number"=>"22", "inputs_input_name"=>"test02", "inputs_tls"=>"0"}, "commit"=>"Save Input", "appliance_id"=>"12", "id"=>"12"}
RsyslogInput Load (0.7ms) SELECT "rsyslog_inputs".* FROM "rsyslog_inputs" WHERE "rsyslog_inputs"."id" = $1 LIMIT $2 [["id", 12], ["LIMIT", 1]]
(0.6ms) BEGIN
Server Load (1.0ms) SELECT "servers".* FROM "servers" WHERE "servers"."id" = $1 LIMIT $2 [["id", 1], ["LIMIT", 1]]
SQL (1.0ms) UPDATE "rsyslog_inputs" SET "inputs_interface" = $1, "updated_at" = $2 WHERE "rsyslog_inputs"."id" = $3 [["inputs_interface", "eth04"], ["updated_at", "2017-12-08 18:27:58.904817"], ["id", 12]]
(0.8ms) COMMIT
Redirected to http://localhost:3000/servers/12/features/rsyslog_inputs
Completed 302 Found in 12ms (ActiveRecord: 4.0ms)
Controller
class Features::RsyslogInputsController < ApplicationController
before_action :set_input, only: [:show, :edit, :update, :destroy]
def index
# Let's search for all inputs associated with the corresponding appliance
#inputs = RsyslogInput.where(server_id: params[:server_id])
end
def create
#input = RsyslogInput.new(input_params)
#input.build_server
#input.server_id = params[:server_id]
if #input.save
flash[:notice] = "Input was successfully saved."
redirect_to server_features_rsyslog_inputs_path
else
render('new')
end
end
def destroy
if #input.destroy
flash[:notice] = "Input was successfully destoryed."
redirect_to server_features_rsyslog_inputs_path
else
flash[:alert] = "Unable to destroy #{#input.inputs_input_name}"
end
end
def update
if #input.update(input_params)
flash[:notice] = "Input was successfully updated"
redirect_to server_features_rsyslog_inputs_path
else
render('edit')
end
end
def new
#input = RsyslogInput.new
end
def edit; end
def show ;end
private
def set_input
#input = RsyslogInput.find(params[:id])
end
def input_params
params.require(:rsyslog_input).permit(:inputs_interface,
:inputs_input_type,
:inputs_ip_address,
:inputs_port_number,
:inputs_input_name,
:inputs_tls,
:server_id)
end
end
Form
<%= form_for ([:server, :features, #input]) do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<br/>
<div class="form-group clients-form-container">
<%= f.label :inputs_interface, 'Input interface:', class: 'col-3 col-form-label' %>
<div class="col-3">
<%= f.text_field :inputs_interface, class: 'form-control', placeholder: 'Enter Interface: (e.g. eth0)' %>
</div>
<br/>
<%= f.label :inputs_ip_address, 'Input IP Address:', class: 'col-3 col-form-label' %>
<div class="col-3">
<%= f.text_field :inputs_ip_address, class: 'form-control', placeholder: 'Enter IP Address:' %>
</div>
<br/>
<%= f.label :inputs_input_type, 'Input type:', class: 'col-3 col-form-label' %>
<div class="col-3">
<%= f.text_field :inputs_input_type, class: 'form-control', placeholder: 'TCP/UDP' %>
</div>
<br/>
<%= f.label :inputs_port_number, 'Input port number:', class: 'col-3 col-form-label' %>
<div class="col-3">
<%= f.text_field :inputs_port_number, class: 'form-control', placeholder: 'Enter Port:' %>
</div>
<br/>
<%= f.label :inputs_input_name, 'Input Name:', class: 'col-3 col-form-label' %>
<div class="col-3">
<%= f.text_field :inputs_input_name, class: 'form-control', placeholder: 'Enter Ruleset Name)' %>
</div>
<br/>
<div class="form-inline">
<%= f.label :inputs_tls, 'Enable TLS:', class: 'col-1 col-form-label' %>
<div class="col-3">
<%= f.check_box :inputs_tls, class: 'form-control check-box-alignment' %>
</div>
</div>
</div>
<%= f.submit 'Save Input', class: 'btn btn-primary btn-lg' %>
<%= link_to 'Cancel', :back, class: 'btn btn-secondary region-btn btn-lg' %>
<% end %>
<br/>
Routes
resources :servers do
namespace :features do
resources :rsyslog_inputs
resources :rsyslog, only: :index
end
end
server_features_rsyslog_inputs GET /servers/:server_id/features/rsyslog_inputs(.:format) features/rsyslog_inputs#index
POST /servers/:server_id/features/rsyslog_inputs(.:format) features/rsyslog_inputs#create
new_server_features_rsyslog_input GET /servers/:server_id/features/rsyslog_inputs/new(.:format) features/rsyslog_inputs#new
edit_server_features_rsyslog_input GET /servers/:server_id/features/rsyslog_inputs/:id/edit(.:format) features/rsyslog_inputs#edit
server_features_rsyslog_input GET /servers/:server_id/features/rsyslog_inputs/:id(.:format) features/rsyslog_inputs#show
PATCH /servers/:server_id/features/rsyslog_inputs/:id(.:format) features/rsyslog_inputs#update
PUT /servers/:server_id/features/rsyslog_inputs/:id(.:format) features/rsyslog_inputs#update
DELETE /servers/:server_id/features/rsyslog_inputs/:id(.:format) features/rsyslog_inputs#destroy
server_features_rsyslog_index GET /servers/:server_id/features/rsyslog_inputs(.:format) features/rsyslog_inputs#index
seeing your forms, controller and the requirement, i would advice that you use the route helpers and pass in the appropriate parameters there
like in your form explicitly set the form url to
server_features_rsyslog_input(server_id: params[:server_id], id: #input.id)
and in your controller too pass in the parameters explicitly
So this actually turned out to be a redirection issue in the update method. I wasn't specifying the server_id which wouldn't allow the redirection back to the index based on the server.
How can I use a conditional to do one thing if :name is passed to the _form and another thing if that :name isn't passed?
With :name passed:
Started GET "/inspirations/new?inspiration%5Bname%5D=Always+trust+yourself+more+than+you+doubt+yourself" for 127.0.0.1 at 2016-11-08 01:00:44 -0500
Processing by InspirationsController#new as HTML
Parameters: {"inspiration"=>{"name"=>"Always trust yourself more than you doubt yourself"}}
Without :name passed:
Started GET "/inspirations/new" for 127.0.0.1 at 2016-11-08 01:16:18 -0500
Processing by InspirationsController#new as */*
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT 1 [["id", 1]]
CACHE (0.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT 1 [["id", 1]]
Inspiration Load (0.4ms) SELECT "inspirations".* FROM "inspirations" WHERE "inspirations"."id" IS NULL LIMIT 1
Rendered inspirations/_form.html.erb (4.1ms)
Rendered inspirations/new.html.erb within layouts/modal (5.9ms)
Completed 200 OK in 49ms (Views: 41.9ms | ActiveRecord: 0.7ms)
_form
<%= simple_form_for(#inspiration) do |f| %>
<%= f.text_area :name %>
<% if params[:name].nil? %> # Should Be Triggered If No :name Is Present in URL
etc...
<% end %>
<% end %>
So for example when a URL includes a string:
http://www.livetochallenge.com/inspirations/new?inspiration%5Bname%5D=Life+would+be+easier+if+I+had+the+source+code.
But I often use a URL shortener.
Didn't work for me:
Is there a way to check if part of the URL contains a certain string
including url parameters in if statement
Try this:
<%= simple_form_for(#inspiration) do |f| %>
<%= f.text_area :name %>
<% if params[:inspiration].try(:[], :name).nil? %> # Should Be Triggered If No :name Is Present in URL
etc...
<% end %>
<% end %>
This will check :name inside params[:inspiration] only if the later is present. So, no error should occur.
You can avoid the error using fetch.
<%= simple_form_for(#inspiration) do |f| %>
<%= f.text_area :name %>
<%= f.text_area :name %>
<% name = params.fetch(:inspiration, {}).fetch(:name, nil) %>
<% if name.nil? %>
etc...
<% end %>
<% end %>
I am trying to create a basic form where the user can change their password but needs to enter their old password in order to do it. I am having trouble verifying the user's old password. Everytime I enter an old password it says password doesn't match when I know that it does. If a replace the actual password in the authenticate field it works. How can I bring in what was entered in the form to verify the old password that was entered?
Form:
<%= form_for(#user, :url => change_password_action_path(current_user.id), html: { "role" => "form" }) do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<div class="form-group">
<%= f.label :old_password, "Old Password:", :class => "control-label" %>
<%= f.password_field :old_password, :class => "form-control" %>
</div>
<div class="form-group">
<%= f.label :password, "New Password:", :class => "control-label" %>
<%= f.password_field :password, :class => "form-control" %>
</div>
<div class="form-group">
<%= f.label :password_confirmation, "Password Confirmation:", :class => "control-label" %>
<%= f.password_field :password_confirmation, :class => "form-control" %>
</div>
<%= f.submit "Update Password", class: "btn btn-large btn-primary" %>
Controller
def change_password
#user = User.find(current_user.id)
end
def change_password_action
user = current_user.id
if User.find(user).authenticate(params[:old_password]) == false
flash[:danger] = "Password Doesnt Match: "
else
flash[:success] = "Password Match"
# Validate the new and confirm password.
end
redirect_to action: :change_password
end
Routes
get '/change_password' => 'main#change_password'
patch '/change_password_action' => 'main#change_password_action'
Rails Server Logs
Started PATCH "/change_password_action.1" for 127.0.0.1 at 2014-01-15 09:04:38 -0600
Processing by MainController#change_password_action as
Parameters: {"utf8"=>"✓", "authenticity_token"=>"yYdUx37Q7alr3SccuMVjPwCJoMgMPOaiKTesSsILlP4=", "user"=>{"old_password"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Update Password"}
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'fc1baf63bac072bfefd5ed27664ece5427ad9e64' LIMIT 1
{"utf8"=>"✓", "_method"=>"patch", "authenticity_token"=>"yYdUx37Q7alr3SccuMVjPwCJoMgMPOaiKTesSsILlP4=", "user"=>{"old_password"=>"test123", "password"=>"", "password_confirmation"=>""}, "commit"=>"Update Password", "controller"=>"main", "action"=>"change_password_action", "format"=>"1"}
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Redirected to http://localhost:3000/change_password
Completed 302 Found in 115ms (ActiveRecord: 0.7ms)
Started GET "/change_password" for 127.0.0.1 at 2014-01-15 09:04:39 -0600
Processing by MainController#change_password as HTML
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'fc1baf63bac072bfefd5ed27664ece5427ad9e64' LIMIT 1
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Rendered shared/_error_messages.html.erb (0.1ms)
Rendered main/change_password.html.erb within layouts/application (2.6ms)
Rendered layouts/_header.html.erb (0.5ms)
Rendered layouts/_footer.html.erb (0.0ms)
Completed 200 OK in 19ms (Views: 16.2ms | ActiveRecord: 0.4ms)
It looks like you're passing the wrong parameter into your authenticate method.
Try using params[:user][:old_password] instead of params[:old_password].
The param value you want will be under the :user key, because your form_for is using a user object.
You can also see this in your server logs where the user param in your params hash is:
"user"=>{"old_password"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}
I have the following form:
<%=form_for [:project, #permission], :url => { :action => "update" } do |f| %>
<% roles = Role.all %>
Role: <%= f.collection_select :role_id, roles, :id, :name, :prompt => true %>
<%=f.submit "Send Request" %>
<%=f.hidden_field :user_id %>
<% end %>
In my controller I have:
def update
#permission = Permission.find_by_user_id(params[:user_id])
.
.
.
end
** What I want to do is update the role_id,,,, so I need the above to find the permission record... Problem is,,, params[:user_id] is coming back null?
Am I missing something? thanks
Update
Here is the error and request params, which show the vars are there?
Started POST "/projects/3/permissions/useronproject" for 127.0.0.1 at Thu Oct 14 12:17:12 -0700 2010
Processing by PermissionsController#update as HTML
Parameters: {"commit"=>"Send Request", "authenticity_token"=>"KJ2C20MzTJ8VQV0NiNzOr357QKV5hWjeuazOBcS5iPU=", "utf8"=>"✓", "id"=>"useronproject", "permission"=>{"role_id"=>"1", "user_id"=>"11"}, "project_id"=>"3"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE ("users"."id" = 1) LIMIT 1
Permission Load (0.1ms) SELECT "permissions".* FROM "permissions" WHERE ("permissions"."user_id" IS NULL) LIMIT 1
see - user_id is NULL?
user_id is further down the params hash. Try:
params[:permission][:user_id]