Turns out I have to permit params independently for active admin like this
ActiveAdmin.register Model do
controller do
def permitted_params
params.permit!
end
end
end
Question
I have a model for which I am permitting all updates for an admin user.
This is the relevant code in the controller and model :
private:
class ModelsController < ApplicationController
def model_params
params.require(:model).permit! if current_user.admin?
end
def update
@model = Model.find(params[:id])
respond_to do |format|
if @model.update_attributes(model_params)
format.html { redirect_to @model, notice: 'model was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: "edit",flash:
{error:@model.errors.full_messages.join(', ')} }
format.json { render json: @model.errors, status: :unprocessable_entity }
end
end
end
end
class Model < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection
end
However, when I update attributes from the active admin edit page, I still get the ActiveModel::ForbiddenAttributesError
Relevant Gems: Rails4, Ruby2.0, activeadmin
Solution 2
Turns out I have to permit params independently for active admin like this
ActiveAdmin.register Model do
controller do
def permitted_params
params.permit!
end
end
end
OTHER TIPS
I had the same problem. You can also specify which fields is permitted.
ActiveAdmin.register Post do
permit_params :title, :content
end