Rails 4 Error 422 on heroku with ajax button

[Bazley]

My Rails 4 app works fine locally but when I deploy to heroku I keep getting the error "422 Unprocessable Entity" for a particular ajax request:

    <%= button_to update_profile_picture_path(
                    params: {
                      picid:    standardpicture.id,
                      callsign: character.callsign,
                      authenticity_token: form_authenticity_token # doesn't work with or without this
                    }
                  ),
                  class: 'btn btn-default btn-xs',
                  remote: true do %>
      <span class="glyphicon glyphicon-user" aria-hidden="true"></span>
    <% end %>

which hits this controller action:

    def update_profile
      @character = Character.find_by(callsign: params[:callsign])
      standardpicture = Picturething.find_by(id: params[:picid])
      @character.build_profilepicture
      standardpicture.picture.recreate_versions!
      @character.profilepicture.picture = standardpicture.picture.profile
      @character.profilepicture.save!
      respond_to do |format|
        format.html do
          redirect_to @character.sociable
        end
        format.js
      end
    end

I've done everything suggested on SO:

**application_controller.rb**

    protect_from_forgery # doesn't work with with: :exception or with: :null_session

**application.html.erb**

    <%= csrf_meta_tags %>

I've also tried deleting cookies and clearing the cache.

**request headers**

    ResponseHeaders
    X-Runtime 3.023140
    Date Mon, 21 Dec 2015 12:20:28 GMT
    Via 1.1 vegur
    Server Cowboy
    Strict-Transport-Security max-age=31536000
    Content-Type text/html; charset=utf-8
    Connection keep-alive
    Content-Length 1334
    X-Request-Id b4217519-49d0-4719-ad19-283b7160d6cd
    RequestHeaders
    X-CSRF-Token
    3bvVUdzpR7vPprCaDH+jaFBZL/WH8s7kp82pg9yhUZFMdKM5oDVwkSPt75iCoXW1mA81lQk7f/NhKTLmrCCrCw==
    Content-Type application/x-www-form-urlencoded; charset=UTF-8
    Accept */*;q=0.5, text/javascript, application/javascript, application/ecmascript, application/x-ecmascript
    X-Requested-With XMLHttpRequest

Does anyone have any idea how to fix this?

[Colin Law]

On 21 December 2015 at 15:55, Bazley <197...@gmail.com> wrote:
> My Rails 4 app works fine locally but when I deploy to heroku I keep getting
> the error "422 Unprocessable Entity" for a particular ajax request:

Have a look in production.log and you should get more information.

Colin

> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rubyonrails-ta...@googlegroups.com.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/rubyonrails-talk/c09c3b36-4c9d-4830-adb9-e9094ce8ce63%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[Bazley]

Ok, here are the local logs and the production logs. While the local logs don't have any errors the production logs are complaining about the line

      @character.profilepicture.save!

in the controller.

local logs:

Started POST "/update_profile_picture?authenticity_token=q7pjfNN0v6matLmOvEY6O78cZ20aZNf9bVnOerV38we0dU317%2BRUeeA0OOOdinBkhCFy9XkzWnPlf%2BRvX6Sj6w%3D%3D&callsign=bazley&picid=2" for ::1 at 2015-12-21 20:10:10 +0000
Processing by PicturethingsController#update_profile as JS  
  Parameters: {"authenticity_token"=>"q7pjfNN0v6matLmOvEY6O78cZ20aZNf9bVnOerV38we0dU317+RUeeA0OOOdinBkhCFy9XkzWnPlf+RvX6Sj6w==", "callsign"=>"bazley", "picid"=>"2"}  
  Character Load (0.3ms)  SELECT  "characters".* FROM "characters" WHERE "characters"."callsign" = $1 LIMIT 1 [["callsign", "bazley"]]  
  Picturething Load (0.4ms)  SELECT  "picturethings".* FROM "picturethings" WHERE "picturethings"."id" = $1 LIMIT 1 [["id", 2]]  
  Picturething Load (0.8ms)  SELECT  "picturethings".* FROM "picturethings" WHERE "picturethings"."character_profile_id" =$1 LIMIT 1  [["character_profile_id", 1]]  
   (1.6ms)  BEGIN
  SQL (4.6ms)  DELETE FROM "picturethings" WHERE "picturethings"."id" = $1  [["id", 18]]  
   (3.8ms)  COMMIT  
   (0.2ms)  BEGIN  
  SQL (5.3ms)  INSERT INTO "picturethings" ("character_profile_id", "picture", "created_at", "updated_at") VALUES ($1, $2,$3, $4) RETURNING "id"  [["character_profile_id", 1], ["picture", "profile_GOT1.jpeg"], ["created_at", "2015-12-21 20:10:11.624407"], ["updated_at", "2015-12-21 20:10:11.624407"]]  
   (0.4ms)  COMMIT  
  Rendered picturethings/update_profile.js.erb (0.6ms)  
Completed 200 OK in 786ms (Views: 4.4ms | ActiveRecord: 17.5ms)

Production logs:

2015-12-21T20:07:48.576449+00:00 app[web.1]: Started POST "/update_profile_picture?authenticity_token=Ubzl991xI%2FZwp8ZVxBRRxJZ060yLqQwgd4Oyz0m3r4bAc5Ofoa0U3JzsmVdKyocZXiLxLAVgvTexZymqOTZVHA%3D%3D&callsign=bazley&picid=1" for217.38.149.159 at 2015-12-21 20:07:48 +0000
2015-12-21T20:07:48.579647+00:00 app[web.1]: Processing by PicturethingsController#update_profile as JS
2015-12-21T20:07:48.579670+00:00 app[web.1]:   Parameters: {"authenticity_token"=>"Ubzl991xI/Zwp8ZVxBRRxJZ060yLqQwgd4Oyz0m3r4bAc5Ofoa0U3JzsmVdKyocZXiLxLAVgvTexZymqOTZVHA==", "callsign"=>"bazley", "picid"=>"1"}
2015-12-21T20:07:49.565800+00:00 heroku[router]: at=info method=POST path="/update_profile_picture?authenticity_token=Ubzl991xI%2FZwp8ZVxBRRxJZ060yLqQwgd4Oyz0m3r4bAc5Ofoa0U3JzsmVdKyocZXiLxLAVgvTexZymqOTZVHA%3D%3D&callsign=bazley&picid=1" host=websmash.herokuapp.com request_id=bd512b7f-9475-474a-a27b-265a558b5653 fwd="217.38.149.159"dyno=web.1 connect=0ms service=975ms status=422 bytes=1607
2015-12-21T20:07:49.545882+00:00 app[web.1]: Completed 422 Unprocessable Entity in 966ms (ActiveRecord: 9.1ms)
2015-12-21T20:07:49.549053+00:00 app[web.1]:  
2015-12-21T20:07:49.549058+00:00 app[web.1]: ActiveRecord::RecordInvalid (Validation failed: Picture Failed to manipulatewith MiniMagick, maybe it is not an image? Original Error: Command ("identify -quiet -ping /tmp/mini_magick20151221-12-kc1te5.jpg") failed: {:status_code=>1, :output=>"identify.im6: Not a JPEG file: starts with 0x23 0x3c `/tmp/mini_magick20151221-12-kc1te5.jpg' @ error/jpeg.c/JPEGErrorHandler/316.\n"}):
2015-12-21T20:07:49.549060+00:00 app[web.1]:   app/controllers/picturethings_controller.rb:12:in `update_profile'

character.rb:

  has_many :standardpictures, class_name: "Picturething",
                              inverse_of: :character,
                              foreign_key: "character_standard_id",
                              dependent: :destroy
  accepts_nested_attributes_for :standardpictures

  has_one  :profilepicture,   class_name: "Picturething",
                              inverse_of: :character,
                              foreign_key: "character_profile_id",
                              dependent: :destroy
  accepts_nested_attributes_for :profilepicture

picturething.rb

  belongs_to      :character, class_name: "Character",
                              inverse_of: :standardpictures,
                              foreign_key: :character_standard_id
  belongs_to      :character, class_name: "Character",
                              inverse_of: :profilepicture,
                              foreign_key: :character_profile_id
  mount_uploader  :picture, CharacterpicUploader

uploaders/characterpic_uploaders.rb

  include CarrierWave::MiniMagick
  process resize_to_limit: [900, 900]
  version :profile do
    process resize_to_fill: [230, 230]
  end
  # Choose what kind of storage to use for this uploader:
  if Rails.env.production?
    storage :fog
  else
    storage :file
  end
  # Override the directory where uploaded files will be stored.
  # This is a sensible default for uploaders that are meant to be mounted:
  def store_dir
    "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
  end

At first glance it looks like MiniMagik doesn't think the file a a jpeg. I don't understand yet, I shall investigate further now, but that's the latest!

[Bazley]

Update:

Removing MiniMagick partially solves the problem - the ajax request goes through without error, returning this js:

    $('#profilepic').html('<img src=\"https://websmash.s3.amazonaws.com/uploads/picturething/picture/5/baz1.jpg\" alt=\"baz1\" />')

However the picture doesn't show up, there's just a broken link saying 'baz1'.

[Colin Law]

If you put that link straight into the browser you will see that
apparently amazon does not recognise websmash. I have never used
amazon aws so I can't say exactly what the problem may be.

Colin

[Bazley]

I apologise, I have been fiddling with my heroku apps. If you put the link straight into the browser you get this:

https://websmash.s3.amazonaws.com/uploads/picturething/picture/5/baz1.jpg

This XML file does not appear to have any style information associated with it. The document tree is shown below.

<Error>

<Code>AccessDenied</Code>

<Message>Access Denied</Message>

<RequestId>0F6DF8724F164793</RequestId>

<HostId>

esdRXlx45WSymKdn0+nbrzB9FmeCnFJ+jaARkdgRtsGu7ekUWLcJftNnGns1NC//w8JEP5s8ckA=

</HostId>

</Error>

[Hassan Schroeder]

On Tue, Dec 22, 2015 at 6:54 AM, Bazley <197...@gmail.com> wrote:

> This XML file does not appear to have any style information associated with
> it. The document tree is shown below.
> <Error>
> <Code>AccessDenied</Code>

So open your S3 console and fix your permissions :-)

--
Hassan Schroeder ------------------------ hassan.s...@gmail.com
http://about.me/hassanschroeder
twitter: @hassan
Consulting Availability : Silicon Valley or remote

[Bazley]

Ok, I've been reading about Amazon bucket ACLs and their permissions. I'm not clear on the following. 

My objectives are simple: I have created a website in which users can sign in, make posts, upload photos etc. Firstly, which group should I choose (Anyone; Any authenticated AWS user; log delivery; Me; Bazley). Which of these represents "anyone signed in and using my website"?

Secondly, what level of permissions should I give this group? (Read; Write; Read_ACP; Write_ACP)