rails_admin: Can not edit or create new records in rails admin

I have a problem with crating and updating records with rails_admin. For update I get the 404 error, where POST actions is not found: {"status":404,"error":"Not Found","exception":"#\u003cActionController::RoutingError: No route matches [POST] \"/admin/api_key/1/edit\"....

But if i look in the routes file, i see it’s registered at PUT method.

For creating new record i get: {"status":422,"error":"Unprocessable Entity","exception":"#\u003cActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken\u003e","traces":{"Application Trace":[],"Framewor....

my config file: RailsAdmin.config do |config| config.actions do dashboard # mandatory index # mandatory new export bulk_delete show edit delete show_in_app end end

my route setting: Rails.application.routes.draw do mount RailsAdmin::Engine => '/admin', as: 'rails_admin'

About this issue

Original URL
State: closed
Created 7 years ago
Reactions: 10
Comments: 16 (2 by maintainers)

Commits related to this issue

[Security] Fixes CSRF vulnerability, introduced by 53eef4fe2ec0953381f4e3197c885adc0423dd49 Reported by SourceClear, Inc. — committed to railsadminteam/rails_admin by mshibuya 8 years ago

Most upvoted comments

I just upgraded from Rails 5.0.0 to 5.1.0 because of this error and the problem still persists (in development). I’m running Puma locally not Nginx.

Adding new records:

Started POST "/admin/stage/new" for 127.0.0.1 at 2017-08-21 12:13:54 +1200
Processing by RailsAdmin::MainController#new as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"RkH23gF/ocCmYnElCXn6TWxoAKjlK/5labIKyuwSnpDlu1feS4XNYVQC8XP2ZJFoEP+nAyHkBLnTCWKBvx5PHA==", "stage"=>{"solution_id"=>"", "step"=>"", "title"=>"", "goals"=>"", "resources"=>"", "duration_days"=>"", "locked"=>"0"}, "return_to"=>"http://localhost:5000/admin/stage", "_save"=>"", "model_name"=>"stage"}
Can't verify CSRF token authenticity.
Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms)```

Editing existing records:
```Started POST "/admin/feed_post/1/edit" for 127.0.0.1 at 2017-08-21 12:21:50 +1200
  
ActionController::RoutingError (No route matches [POST] "/admin/feed_post/1/edit"):
  
actionpack (5.1.3) lib/action_dispatch/middleware/debug_exceptions.rb:63:in `call'
rollbar (2.14.1) lib/rollbar/middleware/rails/show_exceptions.rb:22:in `call_with_rollbar'
actionpack (5.1.3) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'

Downgrading to RailsAdmin 1.1.0 solved the first issue but not the second - I still can’t update records.

rails routes shows this:

  dashboard GET         /                                      rails_admin/main#dashboard
      index GET|POST    /:model_name(.:format)                 rails_admin/main#index
        new GET|POST    /:model_name/new(.:format)             rails_admin/main#new
     export GET|POST    /:model_name/export(.:format)          rails_admin/main#export
bulk_delete POST|DELETE /:model_name/bulk_delete(.:format)     rails_admin/main#bulk_delete
bulk_action POST        /:model_name/bulk_action(.:format)     rails_admin/main#bulk_action
       show GET         /:model_name/:id(.:format)             rails_admin/main#show
       edit GET|PUT     /:model_name/:id/edit(.:format)        rails_admin/main#edit
     delete GET|DELETE  /:model_name/:id/delete(.:format)      rails_admin/main#delete
show_in_app GET         /:model_name/:id/show_in_app(.:format) rails_admin/main#show_in_app

so it does seem like the edit action should be a PUT not a POST.

UPDATE: I switched to the Administrate gem and had the same issues! The authenticity_token issue was caused by Rails Api leaving out the cookie store, I was able to fix this by adding some lines to application.rb:

config.session_store :cookie_store
config.middleware.use ActionDispatch::Cookies
config.middleware.use ActionDispatch::Session::CookieStore, config.session_options

The routing issue was caused by the MethodOverride Rack middleware being left out - so when Rails receives forms with the hidden _method parameter set to PATCH it doesn’t act on that. To fix that I added this to application.rb:

config.middleware.use ::Rack::MethodOverride

These workarounds work with both Administrate and RailsAdmin 1.2.0.

+24

lesliev on Aug 21, 2017

@lesliev Dude, you saved my day. This solution works for both issues as advertised ! Thanks a lot.

terry90 on Sep 12, 2017