Develop Reference

Rails: Unpermitted parameters: :authenticity_token, :order, :commit. after upgrade

I am upgrading a functional app from Ruby 1.8.7 Rails 3 to Ruby 3 Rails 7: quite a journey and I am almost finished. But I have an order process, which is not running after the upgrade and is difficult for me to debug. The order process consists in a multistep form, rendered through partials and a create function in my Order controller.
In the first step of the multistep form you have to input the shipping details. When trying to get to the next step, I get the following error message in the server log: Unpermitted parameters: :authenticity_token, :order, :commit. Context: ... etc and the note that all validations have failed is rendered in my website.
Started POST "/orders" for ::1 at 2022-02-22 17:24:01 +0100
Processing by OrdersController#create as HTML
Parameters: {"authenticity_token"=>"[FILTERED]", "order"=>{"email"=>"name#example.com", "phone_number"=>"1234567", "ship_to_first_name"=>"John", "ship_to_last_name"=>"Doe", "ship_to_address"=>"Pennsylvania Avenue 12", "ship_to_city"=>"Houston", "ship_to_postal_code"=>"12345", "land_id"=>"112", "shipping_service_id"=>"50"}, "commit"=>"Continue"}
Cart Load (0.3ms) SELECT `carts`.* FROM `carts` WHERE `carts`.`id` = 4 LIMIT 1
↳ app/controllers/application_controller.rb:66:in `initialize_cart'
Unpermitted parameters: :authenticity_token, :order, :commit. Context: {controller: OrdersController, action: create, request: #<ActionDispatch::Request:0x00007fee489e8e30>, params: {"authenticity_token"=>"[FILTERED]", "order"=>{"email"=>"name#example.com", "phone_number"=>"1234567", "ship_to_first_name"=>"John", "ship_to_last_name"=>"Doe", "ship_to_address"=>"Pennsylvania Avenue 12", "ship_to_city"=>"Houston", "ship_to_postal_code"=>"12345", "land_id"=>"112", "shipping_service_id"=>"50"}, "commit"=>"Continue", "controller"=>"orders", "action"=>"create"} }
CartItem Load (0.4ms) SELECT `cart_items`.* FROM `cart_items` WHERE `cart_items`.`cart_id` = 4
↳ app/models/cart.rb:86:in `inject'
....
This is the same process in the old app.
Started POST "/orders" for 127.0.0.1 at Tue Feb 22 10:02:12 +0100 2022
Processing by OrdersController#create as HTML
Parameters: {"authenticity_token"=>"sometoken", "order"=>{"email"=>"name#example.com", "ship_to_first_name"=>"John", "ship_to_address"=>"Pennsylvania Avenue 12", "ship_to_city"=>"Houston", "land_id"=>"112", "ship_to_last_name"=>"Doe", "ship_to_postal_code"=>"12345", "phone_number"=>"1234567", "shipping_service_id"=>"1"}, "commit"=>"Continue", "utf8"=>"✓"}
Cart Load (0.3ms) SELECT `carts`.* FROM `carts` WHERE `carts`.`id` = ? LIMIT 1 [["id", 6255]]
CartItem Load (0.8ms) SELECT `cart_items`.* FROM `cart_items` WHERE `cart_items`.`cart_id` = 6255
ActiveShippingHub Load (0.3ms) SELECT `active_shipping_hubs`.* FROM `active_shipping_hubs` LIMIT 1
(0.5ms) SELECT MAX(`cart_items`.`length`) AS max_id FROM `cart_items` WHERE `cart_items`.`cart_id` = 6255
(0.5ms) SELECT MAX(`cart_items`.`width`) AS max_id FROM `cart_items` WHERE `cart_items`.`cart_id` = 6255
Rendered shared/_error_messages.html.erb (0.1ms)
Land Load (0.6ms) SELECT `lands`.* FROM `lands` WHERE `lands`.`id` = 112 LIMIT 1
ShippingService Load (0.5ms) SELECT `shipping_services`.* FROM `shipping_services` WHERE `shipping_services`.`id` = 1 LIMIT 1
ProductVariant Load (0.3ms) SELECT `product_variants`.* FROM `product_variants` WHERE `product_variants`.`id` = 14 LIMIT 1
Image Load (0.3ms) SELECT `images`.* FROM `images` WHERE `images`.`id` = 174 LIMIT 1
Rendered orders/_paymentoptions_step.html.erb (10.6ms)
Rendered orders/new.html.erb within layouts/application (14.0ms)
Rendered layouts/_header.html.erb (0.1ms)
Rendered layouts/_footer.html.erb (0.5ms)
Completed 200 OK in 68ms (Views: 20.9ms | ActiveRecord: 26.9ms)
My Order create action starts with
def create
session[:order_params].deep_merge!(order_params) if params[:order]
#order = Order.new(session[:order_params])
#shipping_services = #cart.available_shipping_services.joins(:lands).where(lands: {id: #order.land_id})
#order.customer_ip = request.remote_ip
populate_order
#order.current_step = session[:order_step]
...
I have set the order_params in the same controller as strong params:
...
private
def order_params
params.permit(:bill_to_address, :bill_to_city, :bill_to_first_name, :bill_to_last_name, :bill_to_land, :bill_to_land_id, :bill_to_postal_code, :date_payment_reminder, :email, :EULA, :express_token, :land_id, :payment, :date_payment_reminder, :phone_number, :signupnewsletter, :ship_to_address, :ship_to_city, :ship_to_first_name, :ship_to_last_name, :ship_to_postal_code, :shipping_service, :shipping_service_id, :shipping_date, :tracking_number, :order_status, :order_status_id, :stripe_card_token, :TOS)
end
end
I am not sure why I get this error. The use of strong_parameters in newer versions of Rails or the way associations are now verified?
When I turn off all validations in my Order model I still get the same message in my logs, but get the message, that there were problems with the shipping_land, shipping_service and bill_to_land fields: three associations of my Order model.
The associations are set in my Order model as follows:
# Associations
belongs_to :bill_to_land, class_name: "Land", foreign_key: :bill_to_land_id
belongs_to :land, foreign_key: :land_id
belongs_to :order_status
belongs_to :shipping_service
The multistep form is set in orders/new.html.erb
<%= form_for #order do |f| %>
<%= render "#{#order.current_step}_step", :f => f %>
<%= f.submit "Continue" unless #order.payment_options_step? || #order.billing_step? || #order.creditcard_options_step? || #order.last_step? %>
In the multistep form I only gather data and kick this data between steps in the session. The order entry is created only after the final submit.
Why do I get this error message? How can I debug the order session? What data has been written to it...
I hope someone can put me into the right direction.

private
def order_params
params.require(:order).permit(:bill_to_address, :bill_to_city, :bill_to_first_name, :bill_to_last_name, :bill_to_land,
:bill_to_land_id, :bill_to_postal_code, :date_payment_reminder, :email, :EULA, :express_token, :land_id, :payment, :date_payment_reminder, :phone_number, :signupnewsletter, :ship_to_address, :ship_to_city, :ship_to_first_name, :ship_to_last_name, :ship_to_postal_code, :shipping_service, :shipping_service_id, :shipping_date, :tracking_number, :order_status, :order_status_id, :stripe_card_token, :TOS)
end
end

Implementing file request counter

I have a Rails API project.
I am trying to implement a counter on the number of times a file is requested, say, the number of times an audio file is played.
This is my model
class Post < ApplicationRecord
has_one_attached :audio_file
end
The frontend gets the file URL and makes a GET request to play the file:
GET localhost:3001/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBDQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--75d7e21e4e3727c21cb0e26a86c7366dea1bc36a/test_audio.mp3
When the request is performed, rails logs this:
Started GET "/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBDQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--75d7e21e4e3727c21cb0e26a86c7366dea1bc36a/test_audio.mp3" for ::1 at 2020-05-13 20:29:15 -0400
(28.4ms) SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
↳ /home/david/.rbenv/versions/2.6.0/lib/ruby/gems/2.6.0/gems/activerecord-5.2.3/lib/active_record/log_subscriber.rb:98
Processing by ActiveStorage::BlobsController#show as MP3
Parameters: {"signed_id"=>"eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBDQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--75d7e21e4e3727c21cb0e26a86c7366dea1bc36a", "filename"=>"test_audio"}
ActiveStorage::Blob Load (45.5ms) SELECT "active_storage_blobs".* FROM "active_storage_blobs" WHERE "active_storage_blobs"."id" = $1 LIMIT $2 [["id", 3], ["LIMIT", 1]]
↳ /home/david/.rbenv/versions/2.6.0/lib/ruby/gems/2.6.0/gems/activerecord-5.2.3/lib/active_record/log_subscriber.rb:98
Disk Storage (18882.5ms) Generated URL for file at key: XoA9L6bBFrEeBuGMRPzHx6Wn (http://localhost:3001/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWRXRzlCT1V3MllrSkdja1ZsUW5WSFRWSlFla2g0TmxkdUJqb0dSVlE2RUdScGMzQnZjMmwwYVc5dVNTSkxZWFIwWVdOb2JXVnVkRHNnWm1sc1pXNWhiV1U5SW5SbGMzUmZZWFZrYVc4dWJYQXpJanNnWm1sc1pXNWhiV1VxUFZWVVJpMDRKeWQwWlhOMFgyRjFaR2x2TG0xd013WTdCa1k2RVdOdmJuUmxiblJmZEhsd1pVa2lEMkYxWkdsdkwyMXdaV2NHT3daVSIsImV4cCI6IjIwMjAtMDUtMTRUMDA6MzQ6NDUuMDMyWiIsInB1ciI6ImJsb2Jfa2V5In19--b7120a24370e1afd709601363c463950bbb6ad22/test_audio.mp3?content_type=audio%2Fmpeg&disposition=attachment%3B+filename%3D%22test_audio.mp3%22%3B+filename%2A%3DUTF-8%27%27test_audio.mp3)
Redirected to http://localhost:3001/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWRXRzlCT1V3MllrSkdja1ZsUW5WSFRWSlFla2g0TmxkdUJqb0dSVlE2RUdScGMzQnZjMmwwYVc5dVNTSkxZWFIwWVdOb2JXVnVkRHNnWm1sc1pXNWhiV1U5SW5SbGMzUmZZWFZrYVc4dWJYQXpJanNnWm1sc1pXNWhiV1VxUFZWVVJpMDRKeWQwWlhOMFgyRjFaR2x2TG0xd013WTdCa1k2RVdOdmJuUmxiblJmZEhsd1pVa2lEMkYxWkdsdkwyMXdaV2NHT3daVSIsImV4cCI6IjIwMjAtMDUtMTRUMDA6MzQ6NDUuMDMyWiIsInB1ciI6ImJsb2Jfa2V5In19--b7120a24370e1afd709601363c463950bbb6ad22/test_audio.mp3?content_type=audio%2Fmpeg&disposition=attachment%3B+filename%3D%22test_audio.mp3%22%3B+filename%2A%3DUTF-8%27%27test_audio.mp3
Completed 302 Found in 21681ms (ActiveRecord: 54.2ms)
Started GET "/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWRXRzlCT1V3MllrSkdja1ZsUW5WSFRWSlFla2g0TmxkdUJqb0dSVlE2RUdScGMzQnZjMmwwYVc5dVNTSkxZWFIwWVdOb2JXVnVkRHNnWm1sc1pXNWhiV1U5SW5SbGMzUmZZWFZrYVc4dWJYQXpJanNnWm1sc1pXNWhiV1VxUFZWVVJpMDRKeWQwWlhOMFgyRjFaR2x2TG0xd013WTdCa1k2RVdOdmJuUmxiblJmZEhsd1pVa2lEMkYxWkdsdkwyMXdaV2NHT3daVSIsImV4cCI6IjIwMjAtMDUtMTRUMDA6MzQ6NDUuMDMyWiIsInB1ciI6ImJsb2Jfa2V5In19--b7120a24370e1afd709601363c463950bbb6ad22/test_audio.mp3?content_type=audio%2Fmpeg&disposition=attachment%3B+filename%3D%22test_audio.mp3%22%3B+filename%2A%3DUTF-8%27%27test_audio.mp3" for ::1 at 2020-05-13 20:29:46 -0400
Processing by ActiveStorage::DiskController#show as MP3
Parameters: {"content_type"=>"audio/mpeg", "disposition"=>"attachment; filename=\"test_audio.mp3\"; filename*=UTF-8''test_audio.mp3", "encoded_key"=>"eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWRXRzlCT1V3MllrSkdja1ZsUW5WSFRWSlFla2g0TmxkdUJqb0dSVlE2RUdScGMzQnZjMmwwYVc5dVNTSkxZWFIwWVdOb2JXVnVkRHNnWm1sc1pXNWhiV1U5SW5SbGMzUmZZWFZrYVc4dWJYQXpJanNnWm1sc1pXNWhiV1VxUFZWVVJpMDRKeWQwWlhOMFgyRjFaR2x2TG0xd013WTdCa1k2RVdOdmJuUmxiblJmZEhsd1pVa2lEMkYxWkdsdkwyMXdaV2NHT3daVSIsImV4cCI6IjIwMjAtMDUtMTRUMDA6MzQ6NDUuMDMyWiIsInB1ciI6ImJsb2Jfa2V5In19--b7120a24370e1afd709601363c463950bbb6ad22", "filename"=>"test_audio"}
Completed 200 OK in 1ms (ActiveRecord: 0.0ms)
I was thinking of adding a callback to ActiveStorage::Blob Load, that +1 a counter attribute in the Post model. My idea was to use after_find but I am not sure where I should add it.
Any other suggestions are very much appreciated.

How about providing new member action for posts_controller and use rails_blob_path helper?
in routes.rb definition
resources :posts do
member do
get :download
end
end
in controller
class PostsController::ApplicationController
def download
post = Post.find params[:id]
# counter business logic here
post.increment(:download_counter)
rails_blob_path(post.audio_file, disposition: "attachment")
end
end

Rails does not create associated model

I created a form where a user can create a profile. In the form the user can select multiple companies. A profile has many companies through a join-table named profile_companies. My code does create a new profile, but it does not create the association. Meaning that when I hit in the console: Profile.last.companies it returns an empty array. When I check the params before a profile is created, it does show me a full array for company_ids. So it looks like it cannot pass these values and create the association. Does anyone have an idea where the error is?
Here is my Profile model:
class Profile < ApplicationRecord
belongs_to :user
has_many :profile_companies
has_many :companies, through: :profile_companies
STATUSES = ["currently looking for a job", "employed but open for a new challenge"]
validates :status, inclusion: {in: STATUSES}
end
here is my company model:
class Company < ApplicationRecord
has_many :vacancies
has_many :profile_companies
has_many :profiles, through: :profile_companies
end
here is my profiles controller:
class ProfilesController < ApplicationController
def new
#profile = Profile.new
end
def create
#profile = Profile.new(params_profile)
if #profile.save
redirect_to profile_path
else
render :new
end
end
private
def params_profile
params.require(:profile).permit(:status, :name, :content, :company_ids)
end
end
And here is my pry to show the params handed to the controller:
[1] pry(#<ProfilesController>)> params[:profile] => <ActionController::Parameters {"name"=>"test 4", "status"=>"employed but open for a new challenge", "company_ids"=>["", "31", "34"], "content"=>"test 4"} permitted: false>
And here are my Logs:
Started POST "/profiles" for ::1 at 2019-08-05 22:54:36 +0200
Processing by ProfilesController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"bmmqCdtWvTcDjlbR6yGrdZTGj+t3O2NMwNKanY5qP84eCSsCuBVF4SdzDkQ+0YOe5q+CapWx5NLaftunZ+ANSg==", "profile"=>{"name"=>"test 4", "status"=>"employed but open for a new challenge", "company_ids"=>["", "17", "31", "32"], "content"=>"rrr"}, "commit"=>"Save your profile"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 16], ["LIMIT", 1]]
Unpermitted parameter: :company_ids
(0.1ms) BEGIN
(0.1ms) ROLLBACK
Rendering profiles/new.html.erb within layouts/application
Company Load (2.6ms) SELECT "companies".* FROM "companies"
CACHE Company Load (0.0ms) SELECT "companies".* FROM "companies"
CACHE Company Load (0.0ms) SELECT "companies".* FROM "companies"
Rendered profiles/new.html.erb within layouts/application (29.2ms)
Rendered shared/_navbar.html.erb (1.4ms)
Rendered shared/_flashes.html.erb (0.4ms)
Completed 200 OK in 178ms (Views: 170.6ms | ActiveRecord: 3.2ms)

A couple of things. First, as you can see from the Unpermitted parameter: :company_ids message:
Started POST "/profiles" for ::1 at 2019-08-05 22:54:36 +0200
Processing by ProfilesController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"bmmqCdtWvTcDjlbR6yGrdZTGj+t3O2NMwNKanY5qP84eCSsCuBVF4SdzDkQ+0YOe5q+CapWx5NLaftunZ+ANSg==", "profile"=>{"name"=>"test 4", "status"=>"employed but open for a new challenge", "company_ids"=>["", "17", "31", "32"], "content"=>"rrr"}, "commit"=>"Save your profile"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 16], ["LIMIT", 1]]
Unpermitted parameter: :company_ids
(0.1ms) BEGIN
(0.1ms) ROLLBACK
Rendering profiles/new.html.erb within layouts/application
Company Load (2.6ms) SELECT "companies".* FROM "companies"
CACHE Company Load (0.0ms) SELECT "companies".* FROM "companies"
CACHE Company Load (0.0ms) SELECT "companies".* FROM "companies"
Rendered profiles/new.html.erb within layouts/application (29.2ms)
Rendered shared/_navbar.html.erb (1.4ms)
Rendered shared/_flashes.html.erb (0.4ms)
Completed 200 OK in 178ms (Views: 170.6ms | ActiveRecord: 3.2ms)
...you are using permit incorrectly and company_ids, therefore, is not being permitted.
It should look something more like:
def params_profile
params.require(:profile).permit(:status, :name, :content, company_ids: [])
end
...since company_ids is an array. Permitted arrays should go at the end of the permit list, see the docs for more information.
Second, your Profile model doesn't have a company_ids attribute. So, you may get an error when you do:
#profile = Profile.new(params_profile)
(TBH, I forget how smart (or not) rails is in this type of circumstance.) Which is a whole other thing you'll have to deal with.
Third, your Profile model includes belongs_to :user, but you never assign a user which is why your transaction is getting the ROLLBACK. In general, to see why you're getting a ROLLBACK, you can do something like:
if #profile.save!
...and the bang (!) will cause an error and provide an explanation.
To set the user_id, I would suggest you do something like:
#profile = current_user.build_profile(params_profile)
This assumes that User has_one :profile. See the docs for more information.

Stripe::InvalidRequestError: This customer has no attached payment source

I'm trying to do the test signup at the end of lecture 113 in Upskill's Essential Web Developer course, however I get the following error and I have been over and over the previous lectures and cannot pinpoint where I have gone wrong.
Stripe::InvalidRequestError in Users::RegistrationsController#create
This customer has no attached payment source
Extracted source (around line #10):
8 def save_with_subscription
9 if valid?
10 customer = Stripe::Customer.create(description: email, plan: plan_id, card: stripe_card_token)
11 self.stripe_customer_token = customer.id
12 save!
13 end
Rails.root: /home/ubuntu/workspace/saasapp
Application Trace | Framework Trace | Full Trace
app/models/user.rb:10:in `save_with_subscription'
app/controllers/users/registrations_controller.rb:7:in `block in create'
app/controllers/users/registrations_controller.rb:3:in `create'
Request
Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"/4EiUCLerdc0o+vIbZWWZzxC3cm1TSjyWGs/lYq/H4RiT6zwohUJUQnZaIrxADF2RiWcs6G3BDXiRDQT/bEa4Q==",
"plan"=>"2",
"user"=>{"email"=>"test#example.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"},
"commit"=>"Sign up"}
Toggle session dump
Toggle env dump
Response
Headers:
None
LOG
Started POST "/users" for 81.140.28.63 at 2017-01-18 21:24:44 +0000
Cannot render console from 81.140.28.63! Allowed networks: 127.0.0.1, ::1, 127.0.0.0/127.255.255.255
Processing by Users::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"GIGatf9j6proPQgjnjCwR6r6BBeDLCYa2lhOG453bQLwln1wTOEbVSPaPow6ZLGBcGpvX3Qm1Fw03vpQc0Xtsg==", "plan"=>"2", "user"=>{"email"=>"test#example.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
(0.1ms) begin transaction
User Exists (0.3ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = ? LIMIT ? [["email", "test#example.com"], ["LIMIT", 1]]
(0.2ms) rollback transaction
User Exists (0.2ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = ? LIMIT ? [["email", "test#example.com"], ["LIMIT", 1]]
Plan Load (0.1ms) SELECT "plans".* FROM "plans" WHERE "plans"."id" = ? LIMIT ? [["id", 2], ["LIMIT", 1]]
Completed 500 Internal Server Error in 905ms (ActiveRecord: 0.9ms)
Stripe::InvalidRequestError (This customer has no attached payment source):
app/models/user.rb:10:in `save_with_subscription'
app/controllers/users/registrations_controller.rb:7:in `block in create'
app/controllers/users/registrations_controller.rb:3:in `create'
Rendering /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb within rescues/layout
Rendering /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/_source.html.erb
Rendered /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/_source.html.erb (9.5ms)
Rendering /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb
Rendered /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (4.3ms)
Rendering /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb
Rendered /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb (2.7ms)
Rendered /usr/local/rvm/gems/ruby-2.3.0#saasapp/gems/actionpack-5.0.0/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb within rescues/layout (43.3ms)

I would recommend dividing out the requests to see which part of it is actually failing. I suspect that the reason it's barfing is just because something else is happening and it's unable to manifest a meaningful error message.
Try this:
cus = Stripe::Customer.create(description: email)
self.stripe_customer_token = cus.id
cus.sources.create(source: stripe_card_token)
sub = Stripe::Subscription.create(customer: cus.id, plan: plan_id)
save!

I just hit the same issue.
I made the fix for the typo but still got the same error. It looks like the test card number used in the course video maybe another source for this
error too. I used a test number from the following page and all worked as expected.
https://stripe.com/docs/testing#cards
Just my 2cents!

Many thanks for taking the time to reply. So I gave it a few days and looked at it again last night and it turned out to be a rather simple and stupid mistake on my part.
In the lesson video and notes the instructor corrects a typo in the users.js file where he referenced an incorrect ID for the submit button in the form. He had typed
var submitBtn = $('#form-submit-btn');
but he had used the following in the form
var submitBtn = $('#form-signup-btn');
While I changed my users.js file to match the correction, somehow I had actually used #form-submit-btn' so when I corrected the users.js file per the lesson I actually caused the problem.

Validates acceptance always fails

No other answers I found on that issue helped me.
I have a terms and conditions box and want to validate if it's checked on creation.
In my model:
validates :terms_and_conditions, :on => :create, acceptance: true, :allow_nil => false
In my view:
<%= f.check_box(:terms_and_conditions )%>
It always fails, no matter if the check_box is checked or not. I think it never actually sets the field and the problem is in my view, but I can't find it.
Log when submitting the form.
Processing by Users::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"xNNmGTWSV4hkj0rrlZeOq+AiTlJ9sc9+cAT1Sy0bjhc=", "user"=>{"email"=>"sdasdr#gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "name"=>"", "surname"=>"", "country_id"=>"", "language"=>"", "description"=>"", "register_as_company"=>"1", "terms_and_conditions"=>"1"}, "commit"=>"Sign up"}
Unpermitted parameters: name, surname, country_id, language, description, register_as_company, terms_and_conditions
[1m[35m (0.1ms)[0m begin transaction
[1m[36mUser Exists (0.3ms)[0m [1mSELECT 1 AS one FROM "users" WHERE "users"."email" = 'sdasdr#gmail.com' LIMIT 1[0m
[1m[35m (0.1ms)[0m rollback transaction
[1m[36mCountry Load (0.2ms)[0m [1mSELECT "countries".* FROM "countries"[0m
Rendered devise/registrations/new.html.erb within layouts/application (6.1ms)
Rendered layouts/_auth_widget.html.erb (1.1ms)
Completed 200 OK in 127ms (Views: 22.8ms | ActiveRecord: 0.7ms)

You have not permitted terms_and_conditions attribute to be saved in the database. If you notice the server logs closely,
Unpermitted parameters: name, surname, country_id, language, description, register_as_company, terms_and_conditions
there are multiple attributes which are not permitted so all of them are not getting saved in database. terms_and_conditions goes as nil and results in error as the value submitted via form is ignored (because of unpermitted status).
This is related to Rails 4 Strong Parameters concept wherein only those attributes would be saved in database which are whitelisted/ permitted.
Checkout the information on Strong Parameters
Also, as per the server log I noticed that these attributes are part of User model which is a Devise model. Permitting attributes for Devise can be done in different ways,
you can refer to SO Question: Rails devise simple form not saving all fields for this.