I have installed devise gem and added custom fields to database for fullname and location as strings.
I updated edit and new form pages as:
<%= f.input :fullname, required: true %>
<%= f.input :location %>
But it doesn't save or update this fields.
I can't see any controller for that
What am I missing? I went through tens of tutorials, but can't figure it out.
I'm using Rails 5.1.3 and Ruby 2.4.0p0.
You can do it in the "lazy way" by using the configure_permitted_parameters before filter.
In your ApplicationController add the protected method specifying the keys to permit in the devise_parameter_sanitizer. Then add a before_action callback pointing to this method if the controller being used is a devise registered controller.
In your case maybe something like:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
permit_attrs(%i[fullname location])
end
def permit_attrs(attrs)
%i[sign_up account_update].each do |action|
devise_parameter_sanitizer.permit(action, keys: attrs)
end
end
end
Related
I want to permit :full_name parameter for my user model registration in devise, and I always getting Unpermitted parameter: :full_name as response for Users::RegistrationsController#create action
I have tried several ways as I show you next:
1. Application controller (option 1)
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
case params[:action]
when 'create'
devise_parameter_sanitizer.permit(:sign_up, keys: %i[full_name])
when 'update'
...
end
end
end
Result => Unpermitted parameter: :full_name
2. Registration controller (option 2)
class Users::RegistrationsController < Devise::RegistrationsController
before_action :configure_sign_up_params, only: :create
protected
def configure_sign_up_params
params.require(:user).permit(%i[full_name])
end
end
Result => Unpermitted parameter: :full_name
3. Registration controller (option 3)
class Users::RegistrationsController < Devise::RegistrationsController
before_action :configure_sign_up_params, only: :create
protected
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: %i[full_name ])
end
end
Result => Unpermitted parameter: :full_name
In my gemfile:
gem 'devise', '~> 4.8'
In my routes:
devise_controllers = {
confirmations: 'users/confirmations',
registrations: 'users/registrations',
invitations: 'users/invitations',
}
devise_for :users, controllers: devise_controllers
I have read devise strong params but to be honest I do not know what I am doing wrong.
Also I tried to debug in Users::RegistrationsController#create what is happening with:
def create
super do
binding.pry
end
end
but it skips the debugger breakpoint... do you have any idea what is going on?
Cheers!
Edit:
Following suggestion from JohnP, I only left :full_name in devise keys parametter sanitizer for sign_up
Also I removed a callback that is bypassing my debug breakpoint and now I can stop with pry in create action
Generally, you write strong params for a specific controller, not in your ApplicationController, because the permitted conditions will be different for each model. When using devise_parameter_sanitizer, you only need to include the extra fields you're adding - this isn't setting up your strong params from scratch, just adding keys to the default Devise list.
So, you should find that this is all you need in your Users::RegistrationsController.
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:full_name])
end
(BTW, ensure you refer to the parameter correctly, as params[:user][:full_name].)
(Oh, and if you want to do debugging, I'd suggest installing the byebug gem. You just add an extra line byebug where you want to have a breakpoint.)
I'm using Devise with my Rails 4.2 application and I have custom users controller than I use to navigate to a profile page in the users#show route. The problem is, if I call
#user.username
It returns nothing and the value is nil.
Routes:
devise_for :users
resources :users, :only => [:show]
I also made the following adjustments on the config file via the application_controller:
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password,:username) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation,:username) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation,:username) }
end
The weird thing is, I've seeded the db with default users and they have access to the method. So that leaves me to believe there's a problem with the form. But sure enough, I've enabled the field so it's not like I'm not passing in values.
devise/registrations/new.html.erb
<div class="field">
<%= f.label :username %><br />
<%= f.text_field :username, autofocus: true %>
</div>
Finally, I pass along the user object via the controller like this:
def show
#user = User.find(params[:id])
#posts = #user.posts.last(5)
end
One last thing, if I inspect the user object, it shows that there's a username method but the value is nil.
I've looked at the examples from Devise but still am not getting what's going on.
Very simple solution actually. The method needs to be called with a before action like this:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
It's in the docs here: https://github.com/plataformatec/devise#strong-parameters
Did you maybe add attr_accessor in your user model?
This may override your values to be nil.
I have a common problem: I am using devise and I want to add a checkbox for "terms and conditions".
It's well covered everywhere, except for one moment. If I do
<%= f.check_box(:terms_and_conditions )%>
Then I get an error that :terms_and_conditions is not defined. Where should I define it? The model? The controller?
Try using the acceptance validation method:
class User < ActiveRecord::Base
validates :terms_and_conditions, acceptance: true
end
As stated in the Rails Guide
This validation is very specific to web applications and this 'acceptance' does not need to be recorded anywhere in your database (if you don't have a field for it, the helper will just create a virtual attribute).
In addition, you'll need to add the :terms_and_conditions parameter to the permitted parameters for sign up:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :terms_and_conditions
end
end
I've been busting myself for a ton of hours now on how to do this.
I have 2 models.
intern.rb
company.rb
I've been able to add custom fields on registration, for me that was :name. I did that by adding:
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |i| i.permit(:email, :password, :name) }
end
I've been reading up on the devise readme and trying to understand how to add it so it's specific to one user model. But I get an error every single time.
I tried creating a controller called:
interns_controller.rb
with the code:
class Intern::ParameterSanitizer < Devise::ParameterSanitizer
def sign_up
default_params.permit(:email, :password, :name)
end
end
and then adding this into the
application_controller.rb
code:
protected
def devise_parameter_sanitizer
if resource_class == Intern
Intern::ParameterSanitizer.new(Intern, :intern, params)
else
super
end
end
however I get an error. What am I doing wrong here?
Image with error: http://s12.postimg.org/fqpwyzzdp/Screen_Shot_2014_06_17_at_15_41_58.png
I upgraded an app to rails 4 and everything is working fine. I can sign in and goto my edit page. Also updated the views. When using the standard view, the user is updated. But when I add for example the field :name, this is not updated in the form.
Using devise 3.1.1 and also the gem 'protected_attributes'
Do I need to run some kind of update command on devise or db?
I have also searched this place, finding many different solution, but none will update my user field. I have not added any custom fields.
If you want to permit additional parameters you can use a before filter in your ApplicationController because Rails 4 moved the parameter sanitization from the model to the controller.
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :name << :surname << :username
devise_parameter_sanitizer.for(:account_update) << :name << :surname << :username
end
end
You can also find more here.