Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Ruby

Posted by Ulises Reyes
Ulises Reyes
9,152 Points

Should I Restart the Whole Tutorial?

Im currently on the Rails Development path and have made it up until 'Customizing Forms' in "Build a Simple Ruby on Rails Application'. However, I made the mistake of choosing to use Ruby 2, Rails 4, and Bootstrap 3.

Currently my knowledge of ruby is too low to understand / figure out strong parameters, and I'm unable to change the user_id of the individual posts. Should I try to figure it out, or restart the whole tutorial using an older version of rails and bootstrap? Would it be beneficial to do so? It just seems like so much has changed.

Matthew Van Dusen
Matthew Van Dusen
4,039 Points

What issues are you running into?

I am working from a similar build and have run into a few problems, but nothing that can't be solved with the help of stackoverflow and github.

Example the simple_form gem with built in bootstrap is by default setup to work with 2.3. After minimal searching I was able to find this simple solution from @tokenvolt on github: https://gist.github.com/tokenvolt/6599141

let me know what problems you have run into I might have found a solve myself:

best of luck:

7 Answers

Mike Morales
Mike Morales
19,833 Points
Mike Morales
Mike Morales
19,833 Points

Ulises -

I must have started over from scratch at least 10 - 12 times before I finally got things working. I spent almost an entire month, and I almost gave up but after all that I now have 18 commits, and, I just achieved the Creating Friendships badge, and now I am working on the next one.

Its not a bad idea to try and figure things out but you may find yourself scratching your head more times than you'd like, too. I definitely recommend starting over from scratch and using and older version. Hang in there!

Naomi Freeman
STAFF
Naomi Freeman
Treehouse Guest Teacher
Naomi Freeman
Naomi Freeman
Treehouse Guest Teacher

Strong params isn't too bad :) I had the advantage of doing a bootcamp this summer. I found it difficult to follow along so started Treehouse. The combination has helped me a lot.

I figured this out over the summer, so hopefully I've remembered everything. Give this a go and see if it helps:

in app - controllers - application_controller.rb you want this:

class ApplicationController < ActionController::Base before_filter :configure_permitted_parameters, if: :devise_controller? # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception

protected

def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_in) do |u| u.permit(:profile_name, :email, :password) end devise_parameter_sanitizer.for(:sign_up) do |u| u.permit(:email, :password, :password_confirmation, :remember_me, :first_name, :last_name, :profile_name) end devise_parameter_sanitizer.for(:account_update) do |u| u.permit(:email, :password, :password_confirmation, :current_password, :remember_me, :first_name, :last_name, :profile_name) end end

end

The danger, from what I’m understanding from reading, is that this overrides multiple things at once.

In app/controllers/statuses_controller.rb

you want this:

# Never trust parameters from the scary internet, only allow the white list through. def status_params params.require(:status).permit(:content, :user_id) end

I think I've included all the necessary changes...

I went looking for the docs I found on it this summer but can't re-find them. It just talked about the shift from attr_accessible.

Just remember as you're updating anything in the .permit area that if you change it in your view, say from profile_name to user_name, your app will throw an error, because "user_name" isn't a permitted field, and it thinks the scary internet is trying to infiltrate your app in horrible ways. You have to update what is permitted as you update any fields in the view.

Another thing that tripped me up while building this part of the app was the full_name. Make sure it's defined in your model before you put it in your view. And when you update it, make sure you change what is in the .permit.

Ooh another trip-up was changing my names of things and forgetting to migrate my database. Don't forget that.

Anyways, let me know how this goes.

P.S. There's no error in using the most contemporary version of Rails :) It's the only way forward lol One of my biggest challenges with Ruby/Rails has been that, every time I learn something, they release something new. It's just a thing with the language you have to learn.

Heads up that deployment will kill you. The guides on here are wrong and the guides in the real world are wrong for their own systems lol I've been pushing through it with the support of bootcamp people, instructors at a major company and my own bullheaded willpower since the summer. I do believe this morning I finally correctly pushed a Rails app to Heroku! We got one up in October but I couldn't figure out how - what, precisely, finally did it. This past week, using that and a lot of other info, I do believe I did it right.

I'm going to do it again on another app tomorrow and if it's successful I think I'm going to write up a couple of blog posts on it.

Have a good one!

Matthew Van Dusen
Matthew Van Dusen
4,039 Points
Matthew Van Dusen
Matthew Van Dusen
4,039 Points

there is now a Devise version supporting Rails 4: Devise 3.0.0.rc Gemfile: gem 'devise', github: 'plataformatec/devise', branch: 'rails4' In generated model, remove the attr_accessible stuff. Enable Strong Parameters for Devise instead of attr_accessible.

To do so, create a new initiliazer with that content:

DeviseController.class_eval do
      def resource_params
        unless params[resource_name].blank?
          params.require(resource_name).permit(:email, :password, :password_confirmation, :remember_me)
        end
      end
    end
Julian Price
Julian Price
11,760 Points
Julian Price
Julian Price
11,760 Points

Probably so if that's what you think. I had just pause to come back too. Or you could just skip to next session and have found to give clarity later.

Ed Charbeneau
Ed Charbeneau
1,346 Points
Ed Charbeneau
Ed Charbeneau
1,346 Points

One problem you're going to run into when moving from Rails 3 to 4 is that attr_accessible has been changed. If you want to continue with the using Rails 4 but are having trouble with attr_accessible and strong parameters, you could try this gem https://github.com/rails/protected_attributes

The protected_attributes gem adds the attr_accessible functionality back to your application. It should get you past your problem setting the user_id, then you can learn more about why it was changed in Rails 4 later on after you finish the tutorial.

Ulises Reyes
Ulises Reyes
9,152 Points

The problem is that I already added the attr_accessible gem. It got rid of the error messages, but for some reason the user_id doesn't save when I edit a post. My conclusion was to redo the tutorial using ruby 3, and familiarize myself with the differences in rails 4 after goinf through the "Ruby Foundations" deep dive.

I know absolutely 0 Ruby right now, so I figured that spending hours solving the problem now will only leave me confused since I'd be doing a lot of copy/pasting and not that much learning.

Naomi Freeman
Naomi Freeman
Treehouse Guest Teacher
Naomi Freeman
Naomi Freeman
Treehouse Guest Teacher

The difference between attr_accessible and strong params is as simple as this:

http://stackoverflow.com/questions/17450185/forbidden-attributes-error-in-rails-4-when-encountering-a-situation-where-one-wo

The complexity in the code in this project comes from using the "crutch" of devise, which is really a copy/paste. In the long run it can be simpler to learn how to code your own login.

The attr_accessible gem may not be compatible with/fix the challenges of devise, which is its own gem. This is why I suggested just coding it. I'm not familiar with the attr_accessible gem, but I assume it changes things like in the link I'm posting above in this comment. The problem is that devise doesn't set things up like that.

It's devise that's the challenge, not the change from attr_accessible to strong params.

Ed Charbeneau
Ed Charbeneau
1,346 Points

"It's devise that's the challenge, not the change from attr_accessible to strong params."

Yes, other people have had that issue too. https://teamtreehouse.com/forum/devise-ruby-4-attraccessible

Ulises Reyes
Ulises Reyes
9,152 Points

WOW! Thanks for the help! This has really been great! I think ill stick with the rails 3 version just to avoid silly conflicts, but I'll definitely implement these things once I start fiddling around and working on my own projects with rails.

Ed Charbeneau
Ed Charbeneau
1,346 Points
Ed Charbeneau
Ed Charbeneau
1,346 Points

Sorry, network lag caused a double post. Delete me.

Adam Posey
PLUS
Adam Posey
Courses Plus Student 7,823 Points
Adam Posey
Adam Posey
Courses Plus Student 7,823 Points

Honestly, I've given up on following it through. Since they're using 1.9.3, 3.2, and 2.3 the odds are good that further deviation from the tutorials as they advance will be a problem. You will find with Simple Form that things just flat out stop working how they're supposed to, and moreover you'll find that you're not getting errors where they're expected, and getting errors where they're unexpected which rapidly lowers the value of following a tutorial in the first place.

You may actually be better off to swap over to the Rails 4 ToDo app tutorial and build on that. I'm considering it.