Level 102
I use the same but haven't seen this error before (I use strict mode and the package). Can you see what exact code is causing the error ?
Nov 14, 2022
11
Level 1
Strict Mode issue with fillable and (non)related models?
Has anyone else come across this?
Basically i'm trying out Strict Mode (love it!), and whilst re-running my tests after enabling, i'm getting failures due to MassAssignmentExceptions. These failures are asking me to:
Add fillable property [roles] to allow mass assignment on [App\Models\User].
Now i'm using Spatie Permissions for role management, so there is no roles attribute in the User Model/Table, so it shouldn't be in there (and it blows if you add it). So i'm a bit confused as to the advice being given by the exception/test.
Have other occurrences of the same issue, where the test is telling me to add attributes to fillable that don't exist on the model in question.
Level 1
@Sinnbeck do you have a relationship defined for the roles/permissions on your User model by any chance? (will dig a bit deeper and let you know).
Level 102
@npw Only the one from the package. use HasRoles
1 like
Level 1
@Sinnbeck Same, will report back.
Level 1
@Sinnbeck Upon further investigation, it appears that because I am validating 'Roles' in my StoreUserFormRequest, that strict mode thinks it should be in the fillable? If I remove it from the Form Request validation the problem goes away (obviously).
Not sure if this is a problem with how I am doing things (likely), or with how strict mode is attempting to assess what should be present. I thought that the FormRequest would be the correct place to validate that information, but maybe my assumption was incorrect.
Level 102
@npw Can you show the form request ?
Level 1
@Sinnbeck i can...
<?php
namespace App\Http\Requests\User;
use App\Actions\Fortify\PasswordValidationRules;
use App\Enum\User\Permissions;
use Carbon\Carbon;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
class StoreUserRequest extends FormRequest
{
use PasswordValidationRules;
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return Gate::allows(Permissions::UserManagement());
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'first_name' => ['required', 'string', 'max:255'],
'last_name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'can_log_in' => ['required', 'boolean'],
'roles' => ['nullable'],
'password' => ['required'],
'password_expires_at' => ['required'],
'audit_reason' => ['required', 'array', 'min:1'],
'audit_reason.notes' => ['required', 'min:2'],
'site_id' => ['required'],
];
}
protected function prepareForValidation()
{
//convert boolean 'can_log_in' too false if checkbox not checked.
if (! ($this->has('can_log_in'))) {
$this->merge(['can_log_in' => 0]);
}
}
}
Level 102
@npw Do you use the validated data directly then? Cause that would indeed cause that error :)
User::create($request->validated());
1 like
Level 1
@Sinnbeck <facepalm.gif> argh of course, it is working exactly as it should be then. I need to invest in a rubber duck. Apologies, and thank you for your patience!
Level 102
@npw Yeah its the most important debugger tool :)
Level 1
For the benefit of future me, or anyone else who may have encountered this issue once turning no Strict Mode for an existing application, this thread relates to essentially the same issue... https://laracasts.com/discuss/channels/laravel/remove-items-from-request-validated
Please or to participate in this conversation.