Ruby on Rails: I cannot create a new user

Question

When I sent to the terminal with $ curl -X POST '{"user": {"name": "hogehoge", "email": "hogehoge@gmail.com", "icon_url": "hogehoge", "location": "hogehgoe", "password": "hogehoge"}}' localhost:3000/v1/users on my application directory for creating a new user, I had an error.

{
  "status": 400,
  "error": "Bad Request",
  "exception": "#<ActionController::ParameterMissing: param is missing or the value is empty: user>",
  ・・・
  ・・・
  ・・・
}

at the server log

Started POST "/v1/users" for 127.0.0.1 at 2018-12-11 16:55:56 +0900
Processing by V1::UsersController#create as JSON
  Parameters: {"name"=>"hogehoge", "email"=>"hogehoge@gmail.com", "icon_url"=>"hogehoge", "location"=>"hogehoge", "password"=>"[FILTERED]"}
Completed 400 Bad Request in 1ms



ActionController::ParameterMissing (param is missing or the value is empty: user):

app/controllers/v1/users_controller.rb:52:in `user_params'
app/controllers/v1/users_controller.rb:20:in `create'

I thought user_params was satisfied with correct parameters, but it didnot.

This is my user_controller.rb

module V1
  class UsersController < ApiController
    before_action :set_user, only: [:show, :update, :destroy]
    skip_before_action :authenticate_user_from_token!, only: [:show, :index, :create]



    # POST /users
    def create
      @user = User.new(user_params)

      if @user.save
        render json: @user, serializer: V1::UserSerializer
      else
        render json: @user.errors, status: :unprocessable_entity
      end
    end


    private
    # Use callbacks to share common setup or constraints between actions.
    def set_user
      @user = User.find(params[:id])
    end

    # Only allow a trusted parameter "white list" through.
    def user_params
      params.require(:user).permit(:name, :email, :location, :icon_url, :password)
      p params
    end
  end
end

why did HTTP sent to me with 400 bad status code?

---

As you said, I sent to the terminal with this JSON params to localhost:3000/v1/users .

{
 "user": 
    {
    "name": "hogehoge",
    "email": "hogehoge@gmail.com",
    "icon_url": "hogehoge",
    "location": "hogehoge",
    "password": "hogehoge"
    }
}   

but now HTTP status sent 500 internal server error to me. This is a new error code.

Started POST "/v1/users" for 127.0.0.1 at 2018-12-11 17:33:50 +0900
Processing by V1::UsersController#create as JSON
  Parameters: {"user"=>{"name"=>"hogehoge", "email"=>"hogehoge@gmail.com", "icon_url"=>"hogehoge", "location"=>"hogehoge", "password"=>"[FILTERED]"}}
<ActionController::Parameters {"user"=><ActionController::Parameters {"name"=>"hogehoge", "email"=>"hogehoge@gmail.com", "icon_url"=>"hogehoge", "location"=>"hogehoge", "password"=>"hogehoge"} permitted: false>, "format"=>:json, "controller"=>"v1/users", "action"=>"create"} permitted: false>
Completed 500 Internal Server Error in 34ms (ActiveRecord: 2.0ms)



ActiveModel::ForbiddenAttributesError (ActiveModel::ForbiddenAttributesError):

app/controllers/v1/users_controller.rb:20:in `create'

Answer 1

Your View

You are not passing any hash having key user in your params,

  Parameters: {"name"=>"hogehoge", "email"=>"hogehoge@gmail.com", "icon_url"=>"hogehoge", "location"=>"hogehoge", "password"=>"[FILTERED]"}

If you are creating your user by form by form_for , it will look like,

  Parameters: { "user" => { "name"=>"hogehoge", "email"=>"hogehoge@gmail.com", "icon_url"=>"hogehoge", "location"=>"hogehoge", "password"=>"[FILTERED]" } }

You are passing user params by input tag for sure. So how you are supposed to use strong parameters!

Answer 2

It looks like you left debug code in your #user_params so it won't return the right object:

# Only allow a trusted parameter "white list" through.
def user_params
  params.require(:user).permit(:name, :email, :location, :icon_url, :password)
  p params
end