Develop Reference

Devise does not let users update their info

Before writing this I have checked out the official guides and similar questions but somehow I keep getting problems and they don't help.
The thing is that I need the users to have the ability to change their passwords. To do that, I use Devise, and its views. I can use Devise perfectly in all other areas, but when I try this, even with account just created for that, It gives 2 errores: current password is not valid, and password confirmation is not valid.
I have tried sanitizers in two ways:
users/registration_controller.rb
# frozen_string_literal: true
class Users::RegistrationsController < Devise::RegistrationsController
# before_action :configure_sign_up_params, only: [:create]
skip_before_action :require_no_authentication
before_action :authenticate_user!
before_action :authorize_admin!, only: :create
# before_action :configure_account_update_params, only: [:update]
# GET /resource/sign_up
# def new
# super
# end
# POST /resource
def create
build_resource(sign_up_params)
resource.save
yield resource if block_given?
if resource.persisted?
if resource.active_for_authentication?
set_flash_message! :notice, :signed_up
respond_with resource, location: after_sign_up_path_for(resource)
else
set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
expire_data_after_sign_in!
respond_with resource, location: after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
set_minimum_password_length
respond_with resource
end
end
# GET /resource/edit
# def edit
# super
# end
# PUT /resource
# def update
# super
# end
# DELETE /resource
# def destroy
# super
# end
# GET /resource/cancel
# Forces the session data which is usually expired after sign
# in to be expired now. This is useful if the user wants to
# cancel oauth signing in/up in the middle of the process,
# removing all OAuth session data.
# def cancel
# super
# end
protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :email, :password, :password_confirmation, :creditos, :role, :birthday, :dni, :address, :phone, :gender])
end
# If you have extra params to permit, append them to the sanitizer.
def configure_account_update_params
devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name, :email, :password, :password_confirmation, :current_password, :creditos, :role, :birthday, :dni, :address, :phone, :gender])
end
# The path used after sign up.
def after_sign_up_path_for(resource) #Resource is the user just created
empresa = Empresa.create(user_id: resource.id)
resource.empresa_id = empresa.id
if resource.save(validate: false)
edit_empresa_path(resource.empresa)
else
flash[:alert] = "Ha habido un problema"
redirect_to (root_path)
end
end
# The path used after sign up for inactive accounts.
# def after_inactive_sign_up_path_for(resource)
# super(resource)
# end
private
def authorize_admin!
unless user_signed_in? && current_user.admin?
redirect_to root_path, alert: "Tú no eres administrador."
end
end
end
application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
private
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up) do |user|
user.permit(:email, :password, :password_confirmation, :role, :creditos )
end
devise_parameter_sanitizer.permit(:account_update) do |user|
user.permit(:email, :password, :password_confirmation, :current_password, :role, :creditos )
end
end
end
Note: I have verified several times with different accounts that the current password is ok. The methods above were used one at a time. Not simultaneously.

Rails 4 Devise Non-Lazy Function Overloading

I have two devise models- Worker and User. The worker signup requires additional attributes not specific to user.
I was running my user signup through the application controller
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :password, :email, :firstName, :lastName, :dateofBirth, :address1, :address2, :city, :state, :zip)}
end
However, when I added my worker sign up, I decided to go the nonlazy way, created my Worker controller via
rails generate devise:controllers Worker
And proceeded to the registration controller in worker. There I un-hashed the before-filter and added a params filter after searching Google and StackOflow to figure out how to do this. Also went into the Github devise source code and copied and pasted their create code in their registration controller. My controller looks like this:
class Workers::RegistrationsController < Devise::RegistrationsController
before_filter :configure_sign_up_params, only: [:create]
def create
build_resource(registration_params)
resource.save
yield resource if block_given?
if resource.persisted?
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_flashing_format?
sign_up(resource_name, resource)
respond_with resource, location: after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
expire_data_after_sign_in!
respond_with resource, location: after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
set_minimum_password_length
respond_with resource
end
#super
end
protected
def registration_params
params.require(:worker).permit(:username, :password, :email, :firstname, :lastname, :address1, :address2, :city, :state, :zip)
end
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:username, :password, :email, :firstname, :lastname, :address1, :address2, :city, :state, :zip)}
end
end
end
The data still shows up as nil on my console. Why is the data not saving and how do I get the data to save?

OK for anyone who finds and can understand this- the answer is STI.
http://adamrobbie.me/blog/2013-3-29-sti-with-rails-40-beta-and-devise

how do I create and assign a new object to a user after sign up?

How do you create and assign a new object to the User after a sign up with devise?
I created a Profile model to hold attributes for the User model such as "name" "location" "description" "photo" etc.
I'm using Devise to register users for the User model, which will just hold email and password.
I wanted to separate these attributes out from one User model so user profile attributes can be updated without a password.
I've tried an after_create callback to initialize a new profile object, but it doesn't work.
"undefined local variable or method `current_user' for #"
User.rb
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
has_one :profile, dependent: :destroy
after_create :setup_profile
protected
def setup_profile
#profile = current_user.profile.create
end
end
my_devise/registrations_controller.rb
class MyDevise::RegistrationsController < Devise::RegistrationsController
def create
build_resource(registration_params)
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
respond_with resource, :location => after_sign_up_path_for(resource)
end
else
#clean_up_passwords
respond_with resource
end
end
def update
#user = User.find(current_user.id)
successfully_updated = if needs_password?(#user, params)
#user.update_with_password(devise_parameter_sanitizer.sanitize(:account_update))
else
# remove the virtual current_password attribute
# update_without_password doesn't know how to ignore it
params[:user].delete(:current_password)
#user.update_without_password(devise_parameter_sanitizer.sanitize(:account_update))
end
if successfully_updated
set_flash_message :notice, :updated
# Sign in the user bypassing validation in case their password changed
sign_in #user, :bypass => true
redirect_to after_update_path_for(#user)
else
render "edit"
end
end
private
# check if we need password to update user data
# ie if password or email was changed
# extend this as needed
def needs_password?(user, params)
user.email != params[:user][:email] ||
params[:user][:password].present? ||
params[:user][:password_confirmation].present?
end
# https://github.com/plataformatec/devise/wiki/How-To%3a-Allow-users-to-edit-their-account-without-providing-a-password
def needs_pass?(user, params)
params[:password].present?
end
def registration_params
params.require(:user).permit(:email, :username, :password, :password_confirmation)
end
def user_params
params.require(:user).permit(:name, :username, :location, :description, :website)
end
protected
def after_update_path_for(resource)
edit_user_registration_path(resource)
end
def after_sign_up_path_for(resource)
current_user
end
end

current user is not available in model. And when you use callback you are actually referring to that object that you work with (the user that signs up).
after_create :setup_profile
def setup_profile
profile = self.create_profile # or Profile.create(user_id: self.id)
end

Comma separated value not being stored

I have a model called org and department. Whenever a organization sign up, it must create a list of departments it has by entering the name of departments as comma separated value. The department list can also be edited later. These are my models:
0rg
class Org < ActiveRecord::Base
has_many :departments, dependent: :destroy
attr_accessible :name, :website, :department_list
validates :name, presence: true
validates :website, presence: true
def department_list
departments.collect { |d| d.department_name }.join(', ')
end
def department_list=(text)
if id && text
departments.destroy_all
text.split(',').each do |d|
departments.create(department_name: d.strip.capitalize)
end
end
end
end
Department
class Department < ActiveRecord::Base
attr_accessible :department_name, :org_id
belongs_to :org
end
My view
<%= f.text_area :department_list, :cols => "10", :rows => "10" %>
Problem:
When the organization sign up by entering the department name as comma separated value, it is not stored in the database. But when the organization updates the field later by edit action, only then department name is stored and it can be further edited at any time. I want the department name to be stored when organization sign up.
Please Help.
EDIT:
My Registration Controller:
class Webs::RegistrationsController < Devise::RegistrationsController
prepend_before_filter :require_no_authentication, :only => [ :new, :create, :cancel ]
prepend_before_filter :authenticate_scope!, :only => [:edit, :update, :destroy]
# GET /resource/sign_up
def new
build_resource({})
respond_with self.resource
end
# POST /resource
def create
build_resource(sign_up_params)
# customized code begin
# create a new child instance depending on the given user type
child_class = params[:web][:user_type].camelize.constantize
resource.role = child_class.new(params[child_class.to_s.underscore.to_sym])
# first check if child instance is valid
# cause if so and the parent instance is valid as well
# it's all being saved at once
valid = resource.valid?
valid = resource.role.valid? && valid
# customized code end
if valid && resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
render :new
end
end
# GET /resource/edit
def edit
render :edit
end
# PUT /resource
# We need to use a copy of the resource because we don't want to change
# the current user in place.
def update
self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
prev_unconfirmed_email = resource.unconfirmed_email if resource.respond_to?(:unconfirmed_email)
if resource.update_with_password(account_update_params)
resource.role.update_attributes(params[:org])
resource.role.update_attributes(params[:user])
if is_navigational_format?
flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ?
:update_needs_confirmation : :updated
set_flash_message :notice, flash_key
end
sign_in resource_name, resource, :bypass => true
respond_with resource, :location => after_update_path_for(resource)
else
clean_up_passwords resource
render :edit
end
end
end

Devise: creating extra records on user creation

How do I create extra records when a user creates an account with devise?
Using a HABTM association between a User and Team model, I'm trying create a team that the user is associated with on there account creation.
Below is the code that I have attempted to use.
class RegistrationsController < Devise::RegistrationsController
def create
super
current_user.teams.create(:name => 'User Name')
end
end
I have also tried this
class RegistrationsController < Devise::RegistrationsController
def create
build_resource
if resource.save
resource.teams.create(:name => 'User Name')
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
respond_with resource
end
end
end

I solved this by changing routes.rb to point to the customised controller.
routes.rb
devise_for :users,
:controllers => { :registrations => "registrations" }
registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
def create
super
resource.teams.create(:name => 'User Name')
end
end

You can use a before_save in your model like this :
class User < ActiveRecord::Base
# ... your code ...
after_create :set_user_on_team
# ... your code ...
private
def set_user_on_team
teams.create(:name => username)
end
end
See the doc here : http://guides.rubyonrails.org/active_record_validations_callbacks.html#available-callbacks