Rails 4 - mailboxer attr_accessible

StackOverflow https://stackoverflow.com/questions/18216669

Question

I'm trying to get Mailboxer on Rails4 working, but didn't had any luck with this.

my conversations_controller.rb looks like this -> 

class ConversationsController < ApplicationController
before_filter :authenticate_user!
helper_method :mailbox, :conversation

def create
    recipient_emails = conversation_params(:recipients).split(',')
    recipients = User.where(email: recipient_emails).all

    conversation = current_user.
        send_message(recipients, *conversation_params(:body, :subject)).conversation

    redirect_to conversation
end

def reply
    current_user.reply_to_conversation(conversation, *message_params(:body, :subject))
    redirect_to conversation
end

def trash
    conversation.move_to_trash(current_user)
    redirect_to :conversations
end

def untrash
    conversation.untrash(current_user)
    redirect_to :conversations
end

private

def mailbox
    @mailbox ||= current_user.mailbox
end

def conversation
    @conversation ||= mailbox.conversations.find(params[:id])
end

def conversation_params(*keys)
    fetch_params(:conversation, *keys)
end

def message_params(*keys)
    fetch_params(:message, *keys)
end

def fetch_params(key, *subkeys)
    params[key].instance_eval do
        case subkeys.size
            when 0 then self
            when 1 then self[subkeys.first]
            else subkeys.map{|k| self[k] }
        end
    end
end

end

and my application_controller.rb like this ->

class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception



protected

def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) do |u|
        u.permit(:name, :email, :password, :password_confirmation, :provide, :uid)
    end
    devise_parameter_sanitizer.for(:account_update) do |u|
        u.permit(:name, :email, :password, :current_password, :password_confirmation, :first_name, :last_name, :user_bio,
                         :country, :gender, :facebook_link, :twitter_link, :pinterest_link, :provider, :uid, :recipients, :body,
                         :subject, :conversations, :conversation, :message, :mailbox)
    end
end

def conversations_params
    params.require(:conversations).permit(:recipients, :body, :subject,
                                                                                :conversations, :conversation, :message)
end

end

On loading a Page i Get -> 

`attr_accessible` is extracted out of Rails into a gem. Please use new recommended protection model for params(strong_parameters) or add `protected_attributes` to your Gemfile to use old one.
Was it helpful?

Solution

Based on https://github.com/ging/mailboxer/pull/159, you can either:

  • add protected_attributes to your gemfile
  • use the master branch of ging/mailboxer
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top