rails / protected_attributes

Protect attributes from mass-assignment in ActiveRecord models.

Protected Attributes breaks Heroku deployment of Rails 4 apps

burlesona opened this issue

Using Rails 4.0.0.beta1 with protected_attributes makes Heroku deployments fail on precompilation, even using config.assets.initialize_on_precompile = false and heroku labs user-env-compile. Here's a sample of the stack trace:

       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_record/mass_assignment_security/attribute_assignment.rb:15:in `attributes_protected_by_default'
       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_model/mass_assignment_security.rb:332:in `block in protected_attributes_configs'
       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_model/mass_assignment_security.rb:217:in `yield'
       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_model/mass_assignment_security.rb:217:in `protected_attributes'
       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_model/mass_assignment_security.rb:123:in `block in attr_protected'
       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_model/mass_assignment_security.rb:122:in `each'
       /tmp/build_2ts1np9ko79to/vendor/bundle/ruby/2.0.0/gems/protected_attributes-1.0.0/lib/active_model/mass_assignment_security.rb:122:in `attr_protected'

I have no idea why this is the case, but removing protected_attributes from my Gemfile immediately fixed the problem.

I'll do some more research and post notes if I figure out what the gem was doing that caused this problem, but in the meantime I wanted to post this issue in case others are running into the same problem.

Is this still valid?

I believe this is still valid.

The issue is that if attr_protected is used, then Rails will try to connect to the DB at startup. This prevents asset compilation in an environment where the DB is not available, e.g., when building the app into a Docker image.

This is triggered by the call to primary_key in ActiveRecord::MassAssignmentSecurity::AttributeAssignment#attributes_protected_by_default

https://github.com/rails/protected_attributes/blob/master/lib/active_record/mass_assignment_security/attribute_assignment.rb#L15

I don't know if this is fixable or if it just needs to detect the lack of DB connection and show an error message with a suggested solution (i.e., manually set the primary key in the model)?

I resorted to monkey patching the attr_protected method to do nothing if a certain environment variable is set (which we set when we call assets:precompile).
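
The two workarounds mentioned in this thread, as an added example that is not the gem's code or the commenter's actual patch: a stand-in class models the behaviour described above (attr_protected reaching the database through primary_key), and the guard skips attr_protected only while a build-time variable is set, with a fail-closed check so a leaked variable cannot leave mass-assignment protection off at runtime. `StandInModel`, `PrecompileGuard`, `assert_protected!`, `define_model` and the `PRECOMPILE_ONLY` variable are hypothetical names.

```ruby
# Constructed stand-in for the behaviour described in this thread; not Rails code.
class SchemaUnavailable < StandardError; end

class StandInModel
  class << self
    attr_writer :primary_key

    # Models the lookup from the stack trace: with no explicit key, ask the DB.
    def primary_key
      @primary_key || raise(SchemaUnavailable, "no database connection")
    end

    def protected_attributes
      @protected_attributes ||= []
    end

    # Registering names also adds the default-protected primary key,
    # which is the step that needs the database.
    def attr_protected(*names)
      protected_attributes.concat(names.map(&:to_s) + [primary_key]).uniq!
    end
  end
end

# PRECOMPILE_ONLY is a hypothetical variable set only by the asset build step.
module PrecompileGuard
  def attr_protected(*names)
    return super unless ENV["PRECOMPILE_ONLY"] == "1"
    @protection_skipped = true # remember that this class has no protection
  end

  def protection_skipped?
    @protection_skipped == true
  end

  # Fail closed: call at application boot or before any mass assignment.
  def assert_protected!
    raise SecurityError, "attr_protected was skipped for #{self}" if protection_skipped?
  end
end
StandInModel.singleton_class.prepend(PrecompileGuard)

# Builds a model class; explicit_key models setting the primary key by hand.
def define_model(explicit_key: nil)
  Class.new(StandInModel) do
    self.primary_key = explicit_key if explicit_key
    attr_protected :admin
  end
end
```

Setting the key explicitly keeps protection intact and is the safer of the two; the guard trades protection for a working build, so it belongs only in the image build stage.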