routing_concerns icon indicating copy to clipboard operation
routing_concerns copied to clipboard

Published 20 hours ago verified publisher icon rails

This gem breaks all ActiveRecord queries in Rails 4.1.5!

Open bpartridge opened this issue 10 years ago • 4 comments

This gem is absolutely no longer needed, since Rails 4 has concerns now, but if it's still hanging out in your Gemfile, it'll be the culprit that breaks your entire app if you do an upgrade from Rails 3 now. I'm posting this issue so it'll show up when people search for the problem, and warn people against using this gem in the future (though it was great when it lasted!).

What happens is that routing_concerns provides its own version of active_model/forbidden_attributes_protection.rb which changed in 4.1.5, and the new method, specifically sanitize_forbidden_attributes, is called by every query with a where-clause in ActiveRecord. A symptom is:

NoMethodError (undefined method `sanitize_forbidden_attributes' for #<User::ActiveRecord_Relation:*>)

deep in Devise/Warden if you're using one of those for user authentication.

The fix is simple: remove this gem and update Rails to 4.1.5!

bpartridge avatar Sep 04 '14 15:09 bpartridge

@bpartridge i am facing this issue, I am using rails 4.1.2 , kindly tell me which gem exactly i have to remove properly. I am not getting it. Following is my gemfile: source 'https://rubygems.org'

#gem 'rails', '3.2.13' gem 'rails', '4.1.2' gem 'acts_as_list' gem 'devise' gem 'bcrypt-ruby', '3.1.2' gem 'ejs' gem 'jquery-rails' gem 'jquery-ui-rails' gem 'rabl' gem 'therubyracer' gem 'thin' gem 'eventmachine' gem 'protected_attributes' gem 'bootstrap-sass' gem 'autoprefixer-rails' gem 'bootstrap_form' group :assets do gem 'coffee-rails'#, '~> 3.2.1' gem 'less-rails' gem 'sass-rails'#, '~> 3.2.3' gem 'uglifier', '>= 1.0.3' end

group :development do gem 'annotate' gem 'better_errors' gem 'binding_of_caller' gem 'byebug' #gem 'debugger' gem 'meta_request' gem 'pry-rails' gem 'rails-erd' gem 'seed_dump'

end

group :development, :test do gem 'sqlite3' gem 'mysql' end

group :production, :staging do gem 'pg' end

haseeb-ahmad avatar Jul 13 '15 13:07 haseeb-ahmad

Can you specify clearly which gem you are talking about.

HamzaK106 avatar Jul 21 '16 06:07 HamzaK106

It's been many years since I identified this issue, and I have no idea if it is still relevant at all. For all of you encountering it, you might want to run gem dependency -R to find if any of your existing gems use routing_concerns. You will then want to make sure those gems are updated or fixed. If routing_concerns does not appear in the list, then the problem is likely something different.

bpartridge avatar Jul 21 '16 15:07 bpartridge

@haseeb-ahmad your problem is mostly from the protected_attributes gem. I get the same error. Were you able to resolve it?

lekansogunle avatar Aug 10 '18 09:08 lekansogunle