"Psych::DisallowedClass" error fix

These changes are already included in Redmine 5.0.3. We recommend you use version 5.0.3 and above. Also, if you have a problem with an error, add class XXX (example 'Date') to the exceptions, then please write us so that we can make full corrections.

This fix is related to the new Hash serialization. The error itself looks like this:

Completed 500 Internal Server Error in 129ms (ActiveRecord: 22.2ms)
Psych::DisallowedClass (Tried to load unspecified class: ActionController::Parameters):

And it is related to:

For the plugin to work correctly, you need to make changes in the following file of the Redmine itself. Please open config/application.rb. Go to line 35. Add into:

config.active_record.yaml_column_permitted_classes

the following line

ActionController::Parameters

Don't forget to add a comma above. It looks like this:

    config.active_record.yaml_column_permitted_classes = [
      Symbol,
      ActiveSupport::HashWithIndifferentAccess,
      ActionController::Parameters
    ]

Save change. Restart your Redmine.

Also, depending on your specific Redmine version, please check if that the value yaml_column_permitted_classes is declared again further down in the config file, so it is declared twice in this way. In such situation, you have to disable the second yaml_column_permitted_classes and now the plugin will start working as expected.

    config.active_record.yaml_column_permitted_classes = [
      Date,
      Time,
      Symbol,
      ActiveSupport::HashWithIndifferentAccess,
      ActionController::Parameters
    ]

    config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob" 

    # Allow ActiveSupport::HashWithIndifferentAccess because it was
    # disallowed with Rails 6.1.6.4 security update. Whilst they have
    # re-added support for Symbol but not for other things, so allowing
    # here explicitly.

    config.active_record.yaml_column_permitted_classes = [Symbol,
ActiveSupport::HashWithIndifferentAccess]

Additional solution

When upgrading Redmine and using the Redmine Agile plugin, some users may encounter an error related to the Psych library. The error may look like this:

Psych::DisallowedClass (Tried to load unspecified class: Set or other class):.....
  • Cause of the Error

This error occurs due to changes in the Psych library, which from version 4.0 uses `safe_load` by default instead of `load`. As a result, certain classes like `Set` cannot be loaded during YAML deserialization. In Redmine, this can happen when trying to retrieve certain settings or queries that were saved in an old format.

  • Solution

To avoid this error, you need to convert old settings and queries to a new format compatible with the current version of Redmine and the Redmine Agile plugin. The Redmine Agile plugin provides two Rake tasks for this purpose: - redmine:agile:convert_settings - redmine:agile:convert_queries These tasks automatically convert old data into the current format.

  • Steps to Convert Settings and Queries

1. Preparation Make sure you have a backup of your database before performing any operations. This is essential in case anything goes wrong.

2. Running the Rake Tasks To convert old settings, run the following command:

rake redmine:agile:convert_settings RAILS_ENV="production" 

To convert old queries, run:

rake redmine:agile:convert_queries RAILS_ENV="production" 

These commands will search for old records in the `settings` and `queries` tables that contain data in the old format and convert them to the new format using safe YAML loading methods.

3. Verify the Results After running the tasks, check the operation of Redmine and the Redmine Agile plugin. The `Psych::DisallowedClass` error should be resolved.

Was this article helpful? Yes  No
523 from 555 found this helpful