This repository has been archived by the owner. It is now read-only.

File upload with Strong Parameters #114

Closed
firedev opened this Issue Mar 8, 2013 · 11 comments

Comments

Projects
None yet
5 participants
@firedev

firedev commented Mar 8, 2013

I am porting an application that uses Carrierwave to Rails 4, but I have problems with strong params. I have a model with

accepts_nested_attributes_for :photos

Here is how CW passes uploaded images:

{
    # ...
    "model"=>
    {
        # ...
        "photos_attributes"=>
        {
            "1362752177921"=>
            {
                "image"=>"test.jpg",
                "title"=>"test",
                "_destroy"=>"false"
            }
        }
    }
}

However I can't seem to figure out how to write parameters that will accept photos_attributes.

I have tried .permit(photos_attributes: {}) but it simply skips everything inside the photo params hash (image, title, _destroy) . When I use permit!, it might almost work, but first of all this is kinda lame. And then the uuid that is created inside the model before saving doesn't appear in SQL on save and this is the second issue:

photos.uuid may not be NULL: INSERT INTO "photos" ("created_at", "model_id", "image", "title", "updated_at") VALUES (?, ?, ?, ?, ?)

Documentation is seriously lacking here and I am not even sure how to proceed.

How to accept an array of nested parameters? How to add additional parameters for nested models when saving?

@esambo

This comment has been minimized.

Show comment
Hide comment
@esambo

esambo Mar 8, 2013

Perhaps your photos_attributes object is not one of the supported types: https://github.com/rails/strong_parameters#permitted-scalar-values

esambo commented Mar 8, 2013

Perhaps your photos_attributes object is not one of the supported types: https://github.com/rails/strong_parameters#permitted-scalar-values

@firedev

This comment has been minimized.

Show comment
Hide comment
@firedev

firedev Mar 8, 2013

It's just a key in params hash, besides what now, I can't upload files anymore?

firedev commented Mar 8, 2013

It's just a key in params hash, besides what now, I can't upload files anymore?

@rafaelfranca

This comment has been minimized.

Show comment
Hide comment
@rafaelfranca

rafaelfranca Mar 8, 2013

Member

have you tried .permit(photos_attributes: {})?

Member

rafaelfranca commented Mar 8, 2013

have you tried .permit(photos_attributes: {})?

@fxn

This comment has been minimized.

Show comment
Hide comment
@fxn

fxn Mar 8, 2013

Member

The permit method is a whitelist filter. Either you know what to expect and declare it, or else you cannot whitelist it. If you cannot whitelist then it follows you need to trust whatever comes.

Member

fxn commented Mar 8, 2013

The permit method is a whitelist filter. Either you know what to expect and declare it, or else you cannot whitelist it. If you cannot whitelist then it follows you need to trust whatever comes.

@firedev

This comment has been minimized.

Show comment
Hide comment
@firedev

firedev Mar 8, 2013

@fxn Yes, I expect an array of hashes with nested values for photos. So can I whitelist it? And the other question is how can I make to save the uuid attribute which exists in the model when it is getting saved, but isn't appearing in the actual sql query?

@rafaelfranca Yes, that is what I've tried, params return this then:

Unpermitted parameters: image, title, _destroy
{
    #...
    "photos_attributes" => {
        "1362762269211" => {}
    }
}

But it skips the hash inside.

firedev commented Mar 8, 2013

@fxn Yes, I expect an array of hashes with nested values for photos. So can I whitelist it? And the other question is how can I make to save the uuid attribute which exists in the model when it is getting saved, but isn't appearing in the actual sql query?

@rafaelfranca Yes, that is what I've tried, params return this then:

Unpermitted parameters: image, title, _destroy
{
    #...
    "photos_attributes" => {
        "1362762269211" => {}
    }
}

But it skips the hash inside.

@fxn

This comment has been minimized.

Show comment
Hide comment
@fxn

fxn Mar 8, 2013

Member

I cannot try now, but if my memory is not wrong (rare, but sometimes it happens!) I believe you can declare the atributes as if they were direct children. Strong parameters special-cases hashes whose keys are integers.

Member

fxn commented Mar 8, 2013

I cannot try now, but if my memory is not wrong (rare, but sometimes it happens!) I believe you can declare the atributes as if they were direct children. Strong parameters special-cases hashes whose keys are integers.

@firedev

This comment has been minimized.

Show comment
Hide comment
@firedev

firedev Mar 8, 2013

In fact this worked, thanks!

.permit( ..., :photos_attributes => ['title', 'image', '_destroy'])

firedev commented Mar 8, 2013

In fact this worked, thanks!

.permit( ..., :photos_attributes => ['title', 'image', '_destroy'])

@firedev firedev closed this Mar 8, 2013

@fxn

This comment has been minimized.

Show comment
Hide comment
@fxn

fxn Mar 8, 2013

Member

@senny maybe we could add it to the "more examples" section?

Member

fxn commented Mar 8, 2013

@senny maybe we could add it to the "more examples" section?

@senny

This comment has been minimized.

Show comment
Hide comment
@senny

senny Mar 8, 2013

Member

@fxn I'll add an example for hashes with integer keys!

Member

senny commented Mar 8, 2013

@fxn I'll add an example for hashes with integer keys!

@senny

This comment has been minimized.

Show comment
Hide comment
@senny

senny Mar 9, 2013

Member

I added the example: rails/docrails@1d8b566

Member

senny commented Mar 9, 2013

I added the example: rails/docrails@1d8b566

@fxn

This comment has been minimized.

Show comment
Hide comment
@fxn

fxn Mar 9, 2013

Member

Fantastic Yves!

Member

fxn commented Mar 9, 2013

Fantastic Yves!

sgerrand pushed a commit to sgerrand/rails that referenced this issue Nov 2, 2013

@silvagustin silvagustin referenced this issue in silvagustin/xaver-blog-2 May 6, 2017

Open

Post puede tener una foto #6

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.