← Back to Upcase

Forbidden Attributes in Model Error Manage todos Spec Section Video 2 Writing Integration Test


(Judy Ngai) #1

Hello Joshua,

I took the last tdd class maybe two weeks ago. I am currently going through the tdd videos again to redo the exercises.

I am stuck in the video called writing integration tests video 2. I am stuck on the manage_todos_spec.rb section.

Here is my error

Pending:
  Todo add some examples to (or delete) /Users/judyngai/redo_thoughtbot_exercise/todos/spec/models/todo_spec.rb
  # No reason given
# ./spec/models/todo_spec.rb:4

Failures:

  1) Manage todos create a new todo
 Failure/Error: click_button 'Create todo' #click another link to create the todo
 ActiveModel::ForbiddenAttributesError:
   ActiveModel::ForbiddenAttributesError
 # ./app/controllers/todos_controller.rb:12:in `create'
 # ./spec/features/manage_todos_spec.rb:10:in `block (2 levels) in <top (required)>'

Finished in 0.17434 seconds
4 examples, 1 failure, 1 pending

Failed examples:

rspec ./spec/features/manage_todos_spec.rb:4 # Manage todos create a new todo

I believe I am getting a model error, I made sure that the todos does have a description field in string format.

Here is my schema.

ActiveRecord::Schema.define(version: 20130712195612) do

  create_table "todos", force: true do |t|
  t.string   "description"
  t.datetime "created_at"
  t.datetime "updated_at"
 end

end

I went through the videos to made sure I got all the code correct. more information can be posted if its needed. At the tdd class we used ruby 2.0 and rails 4 and the latest version of capybara, since the videos were filmed a while back what are the ‘new changes’ and ‘differences’ that I should be cautious of ?

Thanks !
Judy


(Judy Ngai) #2

also I noticed that you didn’t specify require ‘ostruct’ in the application controller in the video.


(Josh Clayton) #3

Hey @judyngai! The videos were filmed with Rails 3.2, Ruby 1.9, and Capybara 1.1. Based on the error that you’re seeing, it looks like it’s an issue with ActiveRecord (technically ActiveModel but AR is what will actually handle persistence). If you’re following along with Rails 4, your app will be using StrongParameters to secure your models at the controller level. If you attempt Todo.create(params[:todo]), the ActiveModel::ForbiddenAttributesError will be raised so you’ll need to create the record with allowed params.

If you look at the first code example in StrongParameters’ README you’ll see a private person_params method which enforces certain rules on the params hash. Once you’ve followed that pattern (require(:todo).permit(:description) in this case), I think you should be set. Send me an @reply in a comment if you’re still stuck after trying this out!