Param not allowed

[peco8]

Hi!

I've been struggling to pass attributes when I migrate JU from JR.

{
  "errors": [
    {
      "title": "Param not allowed",
      "detail": "stripe_plan_id is not allowed.",
      "code": "105",
      "status": "400"
    }
  ]
}

I could turn this config.raise_if_parameters_not_allowed = true into false, however I still see some error within meta.

Could you suggest how I could work this around?
Maybe resource_params checks stripe_plan_id and raise an error somehow so that it can not reach the endpoint #create.

#app/resources/api/v1/plan_resource.rb
class Api::V1::PlanResource < JSONAPI::Resource
  immutable

  attributes :uuid,
             :stripe_plan_id,
             :name,
             :description,
             :amount,
             :currency,
             :interval,
             :is_active,
             :activated_at,
             :disabled_at,
             :created_at,
             :updated_at

  has_one :subscription, class_name: 'Subscription'
end

#app/controllers/api/v1/plans_controller.rb
module Api
  module V1
    class PlansController < Api::V1::ApiController
      before_action only: [:create] { check_type_of('plans') }

      def index
        jsonapi_render json: Plan.all
      end

      def show
        jsonapi_render json: Plan.find(params[:id])
      end

      def create
        form = PlanCreateForm.new plan_params
        form.validate!

        @result = Plan::Create.call(form.attributes)
        if @result.errors.blank?
          # render json: jsonapi_serialized_body(result: @result, resource_name: 'plan'), status: 201 # :created
          jsonapi_render json: @result, status: 201 # :created
        else
          errors = jsonapi_errors(@result)
          response = { errors: errors }
          render json: response, status: 422 # :unprocessable_entity
        end
      end

      private

      def plan_params
        @plan_params ||= params.require(:data).require(:attributes)
      end
    end
  end
end

[tiagopog]

Hey there!

Well, I see that theApi::V1::PlanResource is declared as immutable, it will be treated then as a read-only resource. I suppose it may be the source of the error, since it may affect the resource's creatable fields list (not sure about that, JR's stuff) which, in turn, will be used to validate the params allowed for such request before the action actually gets executed.

The weird thing is that your said it wasn't happening with JR 🤔

Anyway, can you check the creatable fields of your resource, and give me feedback:

Api::V1::PlanResource.creatable_fields({}) #=> ?

[tiagopog]

Tip:

if @result.errors.blank?
  jsonapi_render json: @result, status: :created
else
  jsonapi_render_errors json: @result, status: :unprocessable_entity
end

:-)

[peco8]

I tested out

[6] pry(main)> Api::V1::PlanResource.creatable_fields({})
=> [:subscription, :id, :uuid, :stripe_plan_id, :name, :description, :amount, :currency, :interval, :is_active, :activated_at, :disabled_at, :created_at, :updated_at]

stripe_plan_id is creatable field.. 😭

yea, it wasn't happening in JR. ummmm

[peco8]

Maybe I found out.
I used to use jsonapi-resources (0.8.0), but this library brought me jsonapi-resources (0.7.0).
Hope this helps!

gem 'jsonapi-utils', '~> 0.4.8'

You have requested to uninstall the gem:
        jsonapi-resources-0.7.0

jsonapi-utils-0.4.8 depends on jsonapi-resources (~> 0.7.0)
If you remove this gem, these dependencies will not be met.
Continue with Uninstall? [yN]  y

[tiagopog]

It should be working fine for those versions you're using. I will try to take a deeper look later.

[TrevorHinesley]

I'm also seeing this and I'm using jsonapi-utils 0.5.1 with jsonapi-resources 0.8.3

[tiagopog]

@peco8, @TrevorHinesley:

I decided to investigate this case a little bit further and I figured out that the error is occurring due to the configuration of the key formatter that's being used.

Say we have this PostResource with the user_id attribute:

class PostResource < JSONAPI::Resource
  attributes :title, :body, :user_id
  has_one :author
end

When the request is parsed – using the JR's JSONAPI::Request or JSONAPI::RequestParser – it formats the allowed keys (i.e. creatable_fields), according to the configured key formatter, just before checking whether the params' keys are present among those allowed keys.

Long story short, it's checking this:

%i(user-id).include?(:user_id) #=> false

See what happens when JR parses the request:

To confirm the hypothesis then I looked for the key formatter:

[8] pry> JSONAPI.configuration.json_key_format
#=> :dasherized_key

So hopefully in order to fix this issue you just need to set the proper key formatter:

# config/initializers/jsonapi-resouces.rb
JSONAPI.configure do |config|
  # ...
  config.json_key_format = :underscored_key
end

[peco8]

@tiagopog

Hey, sorry for the late reply.
That works! Thank you so much!! 🎉

Actually, I found that I set up the config.json_key_format = :underscored_key when I used jsonapi-resources. (I forgot doing this because I set up long time ago..)

I think this is worth to mention in README.md for those who want to move from jsonapi-resources.

I'll close this issue! yay!