ruby-on-rails - MassAssignmentSecurity error while attr_accessible has been called

Question

I'm following along with this tutorial and at one point, it tells me to

... add password and password_confirmation attributes to the User model [...] Unlike the other attributes we’ve seen so far, the password attributes will be virtual—they will only exist temporarily in memory, and will not be persisted to the database.

And

As we’ll see in Section 6.3.4, these virtual attributes are implemented automatically by has_secure_password.

My model looks like this:

class User < ActiveRecord::Base
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  has_secure_password
  attr_accessible :email, :is_admin, :name, :password, :password_confirmation
  validates :name, presence: true, uniqueness: true
  validates :password_digest, presence: true
  validates :password, presence: true, length: { minimum: 6 }
  validates :password_confirmation, presence: true
  validates :email, presence: true, format: {with: VALID_EMAIL_REGEX}, uniqueness: true
end

So now when I try to create a new user;

User.create(name: "Foo Bar", email: "foo@bar.net", password: "foobar", password_confirmation: "foobar")

I get the following error:

ActiveModel::MassAssignmentSecurity::Error: Can't mass-assign protected attributes: password, password_confirmation

Why?!

score 2 · Accepted Answer

The issues seemed as though the password and password_confirmation columns were missing in the database.

As per the comment, re-migrating and restarting the server would fix this problem.

ruby-on-rails - MassAssignmentSecurity error while attr_accessible has been called

1 に答える 1

Related

Reference