Skip to content

Using protected_attributes in Rails 4

Jump to bottom Edit New page
Cedric Dussud edited this page Aug 29, 2016 · 1 revision

If you use the protected_attributes gem in Rails 4 Doorkeeper may issue the following warning and error:

WARNING: Can't mass-assign protected attributes for Doorkeeper::AccessGrant: application_id, resource_owner_id, expires_in, redirect_uri, scopes
ActiveRecord::RecordInvalid: Validation failed: Resource owner can't be blank, Application can't be blank, Expires in can't be blank, Redirect uri can't be blank

This is because Doorkeeper uses Rails 4 strong parameters. One workaround is to put the following monkey patch in an initializer.

Doorkeeper::AccessGrant.class_eval do
  attr_accessible :application_id, :resource_owner_id, :expires_in, :redirect_uri, :scopes
end

Doorkeeper::AccessToken.class_eval do
  attr_accessible :application_id, :resource_owner_id, :scopes, :expires_in, :use_refresh_token
end

This explicitly whitelists these attributes so that Doorkeeper can assign them

Add a custom footer
Add a custom sidebar
Clone this wiki locally