Rails 7.1: incorrect path when submitting form for a singular resource

[jp524]

Steps to reproduce

When submitting a form with an error, Rails 7.1 redirects to incorrect path when the resource is singular.
This may be an issue with Turbo (see expected and actual behaviors below).

# frozen_string_literal: true

require "bundler/inline"

gemfile(true) do
  source "https://rubygems.org"

  git_source(:github) { |repo| "https://github.com/#{repo}.git" }

  # Activate the gem you are reporting the issue against.
  gem "rails", "~> 7.1.0"
  gem "sqlite3"
end

require "active_record"
require "minitest/autorun"
require "logger"

# This connection will do for database-independent bug reports.
ActiveRecord::Base.establish_connection(adapter: "sqlite3", database: ":memory:")
ActiveRecord::Base.logger = Logger.new(STDOUT)

ActiveRecord::Schema.define do
  create_table :authors, force: true do |t|
    t.string :name
  end
end

class Author < ActiveRecord::Base
  validates :name,
            format: { with: /\A[a-zA-Z0-9-]{0,39}\z/, message: 'can only contain alphanumeric characters and dashes' },
            length: { maximum: 39 }
end

require "rack/test"
require "action_controller/railtie"

class TestApp < Rails::Application
  config.root = __dir__
  config.hosts << "example.org"
  config.session_store :cookie_store, key: "cookie_store_key"
  config.secret_key_base = "secret_key_base"

  config.logger = Logger.new($stdout)
  Rails.logger  = config.logger

  routes.draw do
    resource :author, only: %i[edit update]
  end
end

class AuthorsController < ActionController::Base
  include Rails.application.routes.url_helpers

  before_action :set_author, only: %i[edit update]

  def edit; end

  def update
    if @author.update(author_params)
      redirect_to edit_author_path
    else
      render :edit, status: :unprocessable_entity
    end
  end

  private

  def set_author
    @author = Author.find(1) # Actual application would use session to find author logged in
  end

  def author_params
    params.require(:author).permit(:name)
  end
end

class BugTest < Minitest::Test
  include Rack::Test::Methods

  Author.create!(name: 'name')

  def test_author_updated_success
    patch '/author', { author: { name: 'validName' } }
    assert_equal 'http://example.org/author/edit', last_response.headers['location']
  end

  def test_author_updated_failure
    patch '/author', { author: { name: 'invalid!!!name?' } }
    assert_equal 'http://example.org/author/edit', last_response.headers['location']
  end

  private

  def app
    Rails.application
  end
end

Expected behavior

The request path should be author/edit.
The console in Rails 7.0.8 showed

Started PATCH "/author" for 127.0.0.1 at 2023-10-12 09:22:13 -0400
Processing by AuthorsController#update as TURBO_STREAM

Actual behavior

The request path is author/#{author.id}”.
The console in Rails 7.1.0 shows

Started PATCH "/author.1" for 127.0.0.1 at 2023-10-12 09:21:10 -0400
Processing by AuthorsController#update as */*

System configuration

Rails version: 7.1.0

Ruby version: 3.2.2

[paulreece]

So in a default Rails app these are the only options that would be used for the /authors path:

 Controller#Action
GET    /authors(.:format)                                                                                authors#index
POST   /authors(.:format)                                                                                authors#create

The available options you have for editing are as follows:

GET    /authors/:id/edit(.:format)                                                                       authors#edit
PATCH  /authors/:id(.:format)                                                                            authors#update
PUT    /authors/:id(.:format)                                                                            authors#update

edit_author_path is configured as follows:

edit_author_path | GET | /authors/:id/edit(.:format) | authors#edit | config/routes.rb:2

So I don't think this is a bug because you are expecting the wrong behavior here.

def test_author_updated_failure
patch '/author', { author: { name: 'invalid!!!name?' } }
assert_equal 'http://example.org/author/edit', last_response.headers['location']
end

There's no 'location' header here so it's not reproducing the behavior.

[jp524]

This issue only happens when specifying a singular resource in config/routes.rb, such as resource :author. This results in the following routes and actions:

                                  Prefix Verb   URI Pattern                                                                                       Controller#Action
                              new_author GET    /author/new(.:format)                                                                             authors#new
                             edit_author GET    /author/edit(.:format)                                                                            authors#edit
                                  author GET    /author(.:format)                                                                                 authors#show
                                         PATCH  /author(.:format)                                                                                 authors#update
                                         PUT    /author(.:format)                                                                                 authors#update
                                         DELETE /author(.:format)                                                                                 authors#destroy

So the edit_author_path has a corresponding URI of /author/edit(.:format). The params :id is not required.

[paulreece]

Thanks for clarifying!

We still need your repro script updated to reproduce the error if possible.

I changed my local app to the setup as singular resource and I get a PATCH request to /author.id for each one, valid or invalid.

Started GET "/author/edit" for ::1 at 2023-10-12 15:02:25 -0400
Processing by AuthorsController#edit as HTML
  Author Load (0.2ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = $1 LIMIT $2  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:62:in `set_author'
  Rendering layout layouts/application.html.erb
  Rendering authors/edit.html.erb within layouts/application
  Rendered authors/_form.html.erb (Duration: 1.1ms | Allocations: 344)
  Rendered authors/edit.html.erb within layouts/application (Duration: 1.4ms | Allocations: 471)
  Rendered layout layouts/application.html.erb (Duration: 2.1ms | Allocations: 859)
Completed 200 OK in 4ms (Views: 2.6ms | ActiveRecord: 0.2ms | Allocations: 1823)

Started PATCH "/author.1" for ::1 at 2023-10-12 15:03:31 -0400
Processing by AuthorsController#update as */*
  Parameters: {"authenticity_token"=>"[FILTERED]", "author"=>{"name"=>"validName"}, "commit"=>"Update Author"}
  Author Load (0.7ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = $1 LIMIT $2  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:62:in `set_author'
  TRANSACTION (0.1ms)  BEGIN
  ↳ app/controllers/authors_controller.rb:23:in `update'
  Author Update (0.7ms)  UPDATE "authors" SET "name" = $1, "updated_at" = $2 WHERE "authors"."id" = $3  [["name", "validName"], ["updated_at", "2023-10-12 19:03:31.152743"], ["id", 1]]
  ↳ app/controllers/authors_controller.rb:23:in `update'
  TRANSACTION (0.9ms)  COMMIT
  ↳ app/controllers/authors_controller.rb:23:in `update'
Redirected to http://[::1]:3000/author/edit
Completed 302 Found in 6ms (ActiveRecord: 2.3ms | Allocations: 1864)


Started GET "/author/edit" for ::1 at 2023-10-12 15:03:31 -0400
Processing by AuthorsController#edit as HTML
  Author Load (0.5ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = $1 LIMIT $2  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:62:in `set_author'
  Rendering layout layouts/application.html.erb
  Rendering authors/edit.html.erb within layouts/application
  Rendered authors/_form.html.erb (Duration: 0.8ms | Allocations: 344)
  Rendered authors/edit.html.erb within layouts/application (Duration: 1.0ms | Allocations: 471)
  Rendered layout layouts/application.html.erb (Duration: 1.4ms | Allocations: 859)
Completed 200 OK in 4ms (Views: 1.7ms | ActiveRecord: 0.4ms | Allocations: 1823)


Started PATCH "/author.1" for ::1 at 2023-10-12 15:03:35 -0400
Processing by AuthorsController#update as */*
  Parameters: {"authenticity_token"=>"[FILTERED]", "author"=>{"name"=>"invalid!!!name?"}, "commit"=>"Update Author"}
  Author Load (0.5ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = $1 LIMIT $2  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:62:in `set_author'
  Rendering layout layouts/application.html.erb
  Rendering authors/edit.html.erb within layouts/application
  Rendered authors/_form.html.erb (Duration: 1.0ms | Allocations: 848)
  Rendered authors/edit.html.erb within layouts/application (Duration: 1.2ms | Allocations: 975)
  Rendered layout layouts/application.html.erb (Duration: 1.6ms | Allocations: 1359)
Completed 422 Unprocessable Entity in 6ms (Views: 1.9ms | ActiveRecord: 0.5ms | Allocations: 3355)

When I try the invalid name I'm temporarily on /author.1 with a validation error. As soon as I submit a valid name I'm back to /author/edit. It doesn't seem like buggy behavior to me but rather intentional since underneath the hood Rails is sending a PATCH request to /author.1.

If you want to go back to /author/edit you can change your updateaction to the following:

  def update
    redirect_to edit_author_path
  end

Though that would probably just confuse the user.

[jp524]

Thanks for taking the time to look at this!

I found a way around the issue by specifying a url in my form such as:

<%= form_with(model: @author, url: '/author') do |form| %>

This ensures that the request is sent to the correct path.

I am not sure if the change was intentional or not under the hood, but up until Rails 7.0.8 the PATCH requests were sent to /author, as seen below:

Started GET "/author/edit" for 127.0.0.1 at 2023-10-12 15:18:20 -0400
  ActiveRecord::SchemaMigration Pluck (0.0ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
Processing by AuthorsController#edit as HTML
  Author Load (0.2ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = ? LIMIT ?  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:22:in `set_author'
  Rendering layout layouts/application.html.erb
  Rendering authors/edit.html.erb within layouts/application
  Rendered authors/edit.html.erb within layouts/application (Duration: 2.5ms | Allocations: 2525)
  Rendered layout layouts/application.html.erb (Duration: 19.2ms | Allocations: 37620)
Completed 200 OK in 29ms (Views: 20.5ms | ActiveRecord: 0.4ms | Allocations: 48913)


Started PATCH "/author" for 127.0.0.1 at 2023-10-12 15:18:41 -0400
Processing by AuthorsController#update as TURBO_STREAM
  Parameters: {"authenticity_token"=>"[FILTERED]", "author"=>{"name"=>"validName"}, "commit"=>"Update Author"}
  Author Load (0.1ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = ? LIMIT ?  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:22:in `set_author'
  TRANSACTION (0.1ms)  begin transaction
  ↳ app/controllers/authors_controller.rb:10:in `update'
  Author Update (0.7ms)  UPDATE "authors" SET "name" = ?, "updated_at" = ? WHERE "authors"."id" = ?  [["name", "validName"], ["updated_at", "2023-10-12 19:18:41.572352"], ["id", 1]]
  ↳ app/controllers/authors_controller.rb:10:in `update'
  TRANSACTION (0.7ms)  commit transaction
  ↳ app/controllers/authors_controller.rb:10:in `update'
Redirected to http://localhost:3000/author/edit
Completed 302 Found in 8ms (ActiveRecord: 1.5ms | Allocations: 4357)


Started GET "/author/edit" for 127.0.0.1 at 2023-10-12 15:18:41 -0400
Processing by AuthorsController#edit as TURBO_STREAM
  Author Load (0.1ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = ? LIMIT ?  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:22:in `set_author'
  Rendering layout layouts/application.html.erb
  Rendering authors/edit.html.erb within layouts/application
  Rendered authors/edit.html.erb within layouts/application (Duration: 0.8ms | Allocations: 917)
  Rendered layout layouts/application.html.erb (Duration: 2.7ms | Allocations: 3218)
Completed 200 OK in 4ms (Views: 3.0ms | ActiveRecord: 0.1ms | Allocations: 4034)


Started PATCH "/author" for 127.0.0.1 at 2023-10-12 15:19:02 -0400
Processing by AuthorsController#update as TURBO_STREAM
  Parameters: {"authenticity_token"=>"[FILTERED]", "author"=>{"name"=>"invalid!!!name?"}, "commit"=>"Update Author"}
  Author Load (0.2ms)  SELECT "authors".* FROM "authors" WHERE "authors"."id" = ? LIMIT ?  [["id", 1], ["LIMIT", 1]]
  ↳ app/controllers/authors_controller.rb:22:in `set_author'
  Rendering layout layouts/application.html.erb
  Rendering authors/edit.html.erb within layouts/application
  Rendered authors/edit.html.erb within layouts/application (Duration: 2.1ms | Allocations: 1135)
  Rendered layout layouts/application.html.erb (Duration: 6.5ms | Allocations: 3320)
Completed 422 Unprocessable Entity in 12ms (Views: 7.3ms | ActiveRecord: 0.2ms | Allocations: 5303)

[paulreece]

So this is definitely intentional after researching it more.

They changed the SQL statements here which suggests to me this is intentional:
6444ec0

I'll see if I can find the PR that introduced the change a bit later unless someone else jumps in who already knows when this behavior changed.

[jvillarejo]

I think I found where is the problem.

I tested and here is the behaviour with single resource on the form_with in lib/action_view/helpers/form_helper.rb

On 7.1:
https://github.com/rails/rails/blob/7-1-stable/actionview/lib/action_view/helpers/form_helper.rb#L761

Here theform_with uses the polymporphic_path(model, {})

(ruby) polymorphic_path(model, {})
"/author.1"

If I use here on 7.1 the method polymorphic_path(model, format: format) the correct path for single resource gets resolved /author

(ruby) polymorphic_path(model, format: format)
"/author"

On 7.0:
https://github.com/rails/rails/blob/7-0-stable/actionview/lib/action_view/helpers/form_helper.rb#L760

Here the form_with uses the polymorphic_path(model, format: format)

(ruby) polymorphic_path(model, format: format)
"/author"

If I use here on 7.0 the method polymorphic_path(model, {}), the wrong path for sigle resource gets resolved /author.1

(ruby) polymorphic_path(model, {})
"/author.1"

---

I don't know much why this was changed on #43766
If someone (maybe @jhawthorn or @cryptoque ) can guide me to the right solution I can implement a PR to fix it.

[paulreece]

@jvillarejo Nice detective work here!!

After reading #43766 they did this so that Rails would still render forms even with a nil value for format.

A maintainer will need to chime in on whether adding the .id to the end of the url is actually an intentional change.

However the current fix to the problem would be to pass in a format: :hmtl option to the form_with method in the _form partial of your views:

<%= form_with(model: author, format: :html) do |form| %>

[matthewd]

They changed the SQL statements here which suggests to me this is intentional: 6444ec0

@paulreece I don't see how that change is related, let alone implying intention?

A maintainer will need to chime in on whether adding the .id to the end of the url is actually an intentional change.

No, it's clearly a bug for an id value to end up in the format part of a URL. That said, tbh I'm slightly more surprised that the format-explicit cases are working. I guess they might still have a dangling id value, and it's just running out of places to go?

[paulreece]

@matthewd thanks for clarifying about the intentionality of this bug.

@paulreece I don't see how that change is related, let alone implying intention?

This was in reference to the methods using different SQL queries in 7.0 vs 7.1 which I thought was related in my initial triage of this bug. I apologize for the confusion.

[jvillarejo]

A maintainer will need to chime in on whether adding the .id to the end of the url is actually an intentional change.

There wasn't any intention to change how the paths were resoved.

As @matthewd said. This is clearly a bug. The /author.1 is the wrong path for a single resource configuration.
I will try to research polymorphic_url today.

I was going to upgrade my application to 7.1, but I have some single resources configured. So I want to fix it.

[paulreece]

As @matthewd said. This is clearly a bug. The /author.1 is the wrong path for a single resource configuration.
I will try to research polymorphic_url today.

Yes, I thought I clarified that in my comment above after he chimed in?

I was going to upgrade my application to 7.1, but I have some single resources configured. So I want to fix it.

Great! Thanks for taking the time to look into this.