When trying to add users to a band using the nested_form gem, I am unable to access the users from the params. After some investigation I noticed that I was getting an unpermitted parameters error in the console. I need to access users_attributes so that I can search for users in my database by display name in the controller. (So the nested_form is to add users who are already in the database, if there is a better way to do this, please let me know)
Here is the error from the rails console:
Started PATCH "/band_steps/videos" for 127.0.0.1 at 2015-04-29 01:59:03 -0400 Processing by BandStepsController#update as HTML Parameters: {"utf8"=>"✓", "authenticity_token"=>"oA16RrnTw9Tn/7n45jSjrg+Q6vO8q+TxrYRHLOKSJYs=", "band"=>{"users_attributes"=>{"0"=>{"display_name"=>"Tyler", "_destroy"=>"false", "id"=>"330"}}}, "commit"=>"Next", "id"=>"videos"} Band Load (0.2ms) SELECT "bands".* FROM "bands" WHERE "bands"."id" = $1 LIMIT 1 [["id", 57]] Unpermitted parameters: users_attributes (0.1ms) BEGIN Band Exists (0.5ms) SELECT 1 AS one FROM "bands" WHERE (LOWER("bands"."name") = LOWER('asdfsbad') AND "bands"."id" != 57) LIMIT 1 (0.2ms) COMMIT Redirected to http://localhost:3000/band_steps/music Completed 302 Found in 8ms (ActiveRecord: 1.0ms)
The code for the form partial (_form.html.erb):
<%= nested_form_for @band, url: wizard_path do |band_form| %>
<%= render partial: 'shared/error_messages', locals: {obj: band_form.object} %>
<%= yield band_form %>
<%= band_form.submit "Next" %>
<%end%>
The code from member.html.erb (the page that calls the partial)
<h3> Add members to your band! </h3>
<%= render layout: 'form' do |band_form| %>
<%= band_form.fields_for :users do |builder| %>
<%= render 'user_fields', builder:builder %>
<%end%>
<p><%= band_form.link_to_add "Add a Member", :users %></p>
<br>
<%end%>
<%= link_to "skip this step", next_wizard_path %><br>
<%= link_to "Back", previous_wizard_path %>
The code from _user_fields.html.erb (partial that renders the user fields)
<p>
<%= builder.label :display_name, "Display Name" %>
<%= builder.text_field :display_name %>
<%= builder.link_to_remove "Remove this User" %>
</p>
Relevant Band Controller Code: (I'm posting only the methods directly involved to save reading time, I can post all the code as needed)
Create Method:
def create
@band = Band.new(band_params)
@band_params = band_params
if @band.save
session[:band_id] = @band.id
redirect_to band_steps_path
else
render :new
end
end
the strong parameters:
def band_params
params.require(:band).permit(:name, :location, :about_me, :profile_picture,
:full_address, :video_link, user_ids: [], genre_ids: [],
band_video_attributes: [:video_link, :video_name],
band_music_attributes: [:name, :embed_html],
genre_ids: [], users_attributes: [])
end
The Band model:
has_many :user_bands, dependent: :destroy
has_many :users, through: :user_bands
accepts_nested_attributes_for :users, allow_destroy: true
The User Model:
has_many :user_bands
has_many :bands, through: :user_bands
To sum up how the code should work: Band form has fields to type in users' display names, I access the display names in the bands controller.
I have spent quite a bit of time looking through my code to see where I made a mistake. Any help is appreciated.