Would anybody who has more experience with Rails 4 be able to help me out. I'm currently going through "Rails 4 in Action" and I'm having trouble getting one of the specs from the book to pass (specifically from chapter 7.5: Basic Access control -- Namespaced-based CRUD). I have a spec that creates a FactoryGirl User with admin privileges and tries to create a new user that has admin privileges.
spec/features/admin/creating_users_spec.rb
require 'spec_helper'
feature "Creating Users" do
let!(:admin) { FactoryGirl.create(:admin_user) }
before do
sign_in_as!(admin)
visit '/'
click_link "Admin"
click_link "Users"
click_link "New User"
end
scenario 'Creating a new user' do
fill_in "Email", with: "[email protected]"
fill_in "Password", with: "hunter2"
click_button "Create User"
expect(page).to have_content("User has been created.")
end
end
When I run this spec, I believe I keep getting a "Password Confirmation can't be Blank error".
`$ bin/rspec spec/features/admin/creating_users_spec.rb`
DEPRECATION WARNING: You didn't set config.secret_key_base. Read the upgrade
documentation to learn more about this new config option. (called from get at
/home/sean/.rvm/rubies/ruby-2.0.0-p195/lib/ruby/2.0.0/forwardable.rb:171)
F
Failures:
1) Creating Users Creating a new user
Failure/Error: expect(page).to have_content("User has been created.")
expected there to be text "User has been created." in "Signed in as: username Admin Sign out User has not been created. New User 1 error prohibited this user from being saved: Password confirmation can't be blank Email Password Is an admin?"
# ./spec/features/admin/creating_users_spec.rb:19:in `block (2 levels) in <top (required)>'
Finished in 2.82 seconds
1 example, 1 failure
Failed examples:
rspec ./spec/features/admin/creating_users_spec.rb:15 # Creating Users Creating a new user
Randomized with seed 56202
Here is the factory that creates it:
FactoryGirl.define do
sequence(:email) {|n| "user#{n}example.com" }
factory :user do
name "username"
email { generate(:email) }
#email "[email protected]"
password "hunter2"
password_confirmation "hunter2"
factory :admin_user do
admin true
end
end
end
Here is the admin controller:
class Admin::UsersController < Admin::BaseController
def new
@user = User.new
end
def index
@users = User.order(:email)
end
def create
@user = User.new(user_params)
if @user.save
flash[:notice] = "User has been created."
redirect_to admin_users_path
else
flash.now[:alert] = "User has not been created."
render action: "new"
end
end
private
def user_params
params.require(:user).permit(:name, :password, :password_confirmation)
end
end
And here is the user model:
class User < ActiveRecord::Base
attr_accessible :name, :password, :password_confirmation
has_secure_password
end
And then lastly here is the admin view form where all this information is filled:
<%= form_for [:admin, @user] do |f| %>
<% if @user.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@user.errors.count, "error") %> prohibited
this user from being saved:</h2>
<ul>
<% @user.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<p>
<%= f.label :email %>
<%= f.text_field :email %>
</p>
<p>
<%= f.label :password %>
<%= f.password_field :password %>
</p>
<p>
<%= f.check_box :admin %>
<%= f.label :admin, "Is an admin?" %>
</p>
<%= f.submit %>
<% end %>
I have no idea how to fix this. I've tried creating another field in the form for a password confirmation, and then included a fill_in within the spec, but that didn't do anything. I feel like it has something to do with the model having some sort of restriction, not allowing a user to be created unless there's a password confirmation. But I'm not so sure. If anyone can help, I'd really appreciate it.
I've tried creating another field in the form for a password confirmation, and then included a fill_in within the spec, but that didn't do anything.
Put that back in, then delete the entire attr_accessible line in the User model.
Mass-assigned attributes are permitted by default in Rails 4 as part of it's strong parameters strategy -- you don't have to explicitly whitelist attributes in the model.
If this doesn't work, post an updated view including the new password_confirmation form field and spec.