Whitelist Carrierwave attributes correctly

Say you have a User with a Carrierwave attribute #avatar:

class User < ActiveRecord::Base
  mount_uploader :avatar, AvatarUploader
end

When whitelisting the avatar field in the controller, you might do this:

params[:user].permit(:avatar)

But you probably want this:

params[:user].permit(:avatar, :avatar_cache, :remove_avatar)

In this example:

  • :avatar_cache allows a newly upload image to persist through form roundtrips in the case of validation errors (something that isn't possible with Paperclip).
  • :remove_avatar is the name of a check box that would delete the avatar. Note that if your Carrierwave image is held by a record that only exists to hold an image (e. g. Image and Image#file, you probably want to destroy the entire record instead of leaving an empty shell behind.
Henning Koch
This website uses short-lived cookies to improve usability.
or learn more