cleanup of passed parameters, user_id and user_type are extracted from current user and not used from the passed POST values..

app/controllers/request_for_comments_controller.rb

@@ -66,6 +66,6 @@ class RequestForCommentsController < ApplicationController
 
     # Never trust parameters from the scary internet, only allow the white list through.
     def request_for_comment_params
-      params.require(:request_for_comment).permit(:requestor_user_id, :exercise_id, :file_id, :requested_at)
+      params.require(:request_for_comment).permit(:exercise_id, :file_id, :requested_at).merge(requestor_user_id: current_user.id, user_type: current_user.class.name)
     end
 end