Search code examples
ruby-on-railsrubyactiverecordomniauth

Can't mass-assign protected attributes for Delayed::Backend:ActiveRecord::Job: priority queue, payload_object

i'm in the process of migrating my app to 4.1 and having some troubles with this error:

Failure/Error: get :facebook
 ActiveModel::MassAssignmentSecurity::Error:
   Can't mass-assign protected attributes for Delayed::Backend::ActiveRecord::Job: priority, queue, payload_object
 # ./app/models/user.rb:457:in `subscribe_to_mailchimp'
 # ./app/controllers/users/omniauth_callbacks_controller.rb:14:in `facebook'
 # ./config/initializers/log_formatter.rb:22:in `block (2 levels) in <top (required)>'
 # ./config/initializers/log_formatter.rb:21:in `block in <top (required)>'
 # ./spec/controllers/users/omniauth_callbacks_controller_spec.rb:23:in `block (3 levels) in <top (required)>'

Spec:

describe Users::OmniauthCallbacksController, ci: true do
  describe "when authenticating" do
    let(:user) do
      Fabricate(:user) 
    end
    let(:social_media_account) do
      Fabricate(:social_media_account, uid: "12345", provider: "facebook", user: user) 
    end

    before do
      term = Fabricate(:term, name: "application")
      user.terms << term
      Fabricate(:project)
    end

    it "redirects to cookied URL" do
      @request.env["devise.mapping"] = Devise.mappings[:user]
      @request.env["omniauth.params"] = {'state' => "google.com"}
      allow(controller).to receive(:find_social_media_account) {true}
      controller.instance_variable_set(:@social_media_account, social_media_account)
      get :facebook
      expect(controller).to redirect_to("google.com")
    end

  end
end

User.rb:347:

def subscribe_to_mailchimp
  if confirmed_at_changed? && self.confirmed?
    Delayed::Job.enqueue UserMailchimpWorker.new(self.id)
  end
end

OmniauthCallbacksController.rb:14:

def facebook
  if @social_media_account
    @user = @social_media_account.user
    if @user
      remember_me(@user)
      set_avatar_from_facebook unless @user.has_third_party_avatar?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => 'Facebook'
      login_and_redirect_back
    else
      setup_user_from_oauth
    end
  elsif current_user
    @user = current_user
    remember_me(@user)
    set_avatar_from_facebook unless @user.has_third_party_avatar?
    current_user.social_media_accounts.create!(attributes_for_social_media_account)
    flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => 'Facebook'
    redirect_back_or_default(root_path)
  else
    setup_user_from_oauth
  end
end

Does this have something to do with strong_params? Could someone please help me figure this out?

Solution

  • I moved the "protected_attributes" gem above the "delayed_job_active_record" gem and it fixed this problem.