rails 6 form validation errors even when criteria is met

Question

I am trying to add form validation to a simple blog post form. Currently I am testing for presence of title and description and if I submit an empty form it gives me the errors, but if I fill out the form it still gives me the errors. When I use byebug in my create action for the post_controller it shows the contents of the title and description that I enter but says permitted false.

Here is the form partial:

<%= form_with(model: post, local: true) do |f| %>
  <% if post.errors.any? %>
    <div class="row center-align">
      <div class="card-panel alert alert-danger">
        <span class="white-text">
          <strong><%= pluralize(post.errors.count, "error") %></strong>
          occured:
          <ul>
            <% post.errors.full_messages.each do |message| %>
              <li><%= message %></li>
            <% end %>
          </ul>
        </span>
      </div>
    </div>
  <% end %>

  <div class="form-group">
    <%= f.label :title %>
    <%= f.text_field :title, class: 'form-control' %>
  </div>

  <div class="form-group">
    <%= f.label :description %>
    <%= f.text_area :description, class: 'form-control' %>
  </div>

  <div class="form-group">
    <%= f.label :header_image %>
    <%= f.file_field :header_image %>
  </div>
  <div class="mt-1">
    <% if post.header_image.present? %>
      <small>Current Image</small>
      <%= image_tag(post.header_image, width: '100%') %>
    <% end %>
  </div>

  <div class="actions">
    <%= f.submit class: 'btn btn-primary mt-1 form-control' %>
  </div>
<% end %>

Here is the post_controller:

module Authors 

  class PostsController < AuthorsController
    before_action :set_post, only: [:edit, :update, :destroy]

    # GET /posts
    def index
      @posts = current_author.posts
    end

    # GET /posts/new
    def new
      @post = current_author.posts.build
    end

    # GET /posts/1/edit
    def edit
      @element = @post.elements.build
    end

    # POST /posts
    def create
      @post = current_author.posts.build
      
      if @post.save
        redirect_to edit_post_path(@post), notice: 'Post was successfully created.'
      else
        render :new
      end
    end

    # PATCH/PUT /posts/1
    def update
      if @post.update(post_params)
        redirect_to edit_post_path(@post), notice: 'Post was successfully updated.'
      else
        render :edit
      end
    end

    # DELETE /posts/1
    def destroy
      @post.destroy
      redirect_to posts_url, notice: 'Post was successfully destroyed.'
    end

    private
      # Use callbacks to share common setup or constraints between actions.
      def set_post
        @post = current_author.posts.find(params[:id])
      end

      # Only allow a list of trusted parameters through.
      def post_params
        params.require(:post).permit(:title, :description, :header_image)
      end
  end
end

And her is the post.rb:

class Post < ApplicationRecord
  belongs_to :author
  has_many :elements

  has_one_attached :header_image

  validates :title, :description, presence: true
end

The post form was working fine until I tried adding the validations. When I add buy but and test it I get the following when I run params:

#<ActionController::Parameters {"authenticity_token"=>"1hQyn6kWCiCwAaeaUa1PD9q76D29RF-56LKof1uC64auGtNvA2VCZ-mDLdY7EjCYP9zWpLLvfkgkE33AUZP7Ng", "post"=>{"title"=>"Testing", "description"=>"test"}, "commit"=>"Create Post", "controller"=>"authors/posts", "action"=>"create"} permitted: false>
(byebug) 

Answer 1

In the create method, you're not instantiating the Post object with post_params. So, @post.title and @post.description are nil causing the validations to fail.

@post = current_author.posts.build(post_params)