Search code examples
ruby-on-railsrubyactiverecordruby-on-rails-4

Active Model Forbidden attributes error

would someone be able to help me understand this error. I am trying to create a contact form in rails following the building web apps tutorial. I followed the steps to generate a message scaffold. I then amended my routes. Next it said to put this into the messages controller show action. 

if @message.save
  flash[:notice] = 'Thanks for Your Message'
  format.html { redirect_to root_path }

I have done this and i am getting the following error ActiveModel::ForbiddenAttributesError in MessagesController#create ActiveModel::ForbiddenAttributesError

This is my message controller file

class MessagesController < InheritedResources::Base 
  def show
     if @message.save
      flash[:notice] = 'Thanks for Your Message'
      format.html { redirect_to root_path }
     end
  end
end

My routes file is as follows

# devise_for :users

resources :products do resources :orders, only: [:new, :create] #tells rails needs product id number end

  # get 'pages/payment'

  get 'home/about'

  get 'messages/new'

  get 'seller' => "products#seller"

  get 'sales' => "orders#sales"

  get 'static_pages/productlanding'

  get "content/veg"

  get "content/fruit"

  get "content/mix"

  get 'subscriptions/new'

  root 'static_pages#home'
Solution

  • i have managed to sort this with the following! Thanks for all the help

    class MessagesController < ApplicationController
  before_action :set_message, only: [:show, :edit, :update, :destroy]

  # GET /messages
  # GET /messages.json
  def index
    @messages = Message.all
  end

  # GET /messages/1
  # GET /messages/1.json
  def show
  end

  # GET /messages/new
  def new
    @message = Message.new
  end

  # GET /messages/1/edit
  def edit
  end

  # POST /messages
  # POST /messages.json
  def create
    @message = Message.new(message_params)

    respond_to do |format|
      if @message.save
        flash.now[:notice] = 'Thank you for your message!'
        format.html { redirect_to root_path }
        format.json { render :show, status: :created, location: @message }
      else
        format.html { render :new }
        format.json { render json: @message.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /messages/1
  # PATCH/PUT /messages/1.json
  def update
    respond_to do |format|
      if @message.update(message_params)
        format.html { redirect_to @message, notice: 'Message was successfully updated.' }
        format.json { render :show, status: :ok, location: @message }
      else
        format.html { render :edit }
        format.json { render json: @message.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /messages/1
  # DELETE /messages/1.json
  def destroy
    @message.destroy
    respond_to do |format|
      format.html { redirect_to messages_url, notice: 'Message was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_message
      @message = Message.find(params[:id])
    end

    .
    def message_params
      params.require(:message).permit(:name, :email, :company, :phone, :subject, :body)
    end
end