So I have spent some time now trying to track down the illusive way to add a custom field to the field the "invitee" sends the invitation to.. My app is not a public facing app, and so the human resources department will send the invite upon hiring. However i would like to add basic information about the user being invited, and then they can fill out the non-pertinent info once they sign into the application..
is there a way to do this using a params sanitizer? i have only been able to find
devise_parameter_sanitizer.permit(:accept_invitation, keys: [:fname, :lname, :mobiletel, :password, :password_confirmation, :invitation_token])
but I need to do this before the invite is sent out.
Any help would be greatly appreciated here!
This is how I approached it:
# config/routes.rb
# Use a custom invitations controller.
devise_for :users, controllers: { invitations: 'users/invitations' }
# app/controllers/users/invitations_controller.rb
class Users::InvitationsController < Devise::InvitationsController
before_action :configure_permitted_parameters
protected
# Permit the new params here.
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:invite, keys: [:email, :additional_fields, :added_here])
end
end
it worked for me, although instead of :invite I had to use :accept_invitation
Related
I have a small rails app, but i'm having trouble getting some information that i'm trying to implement into the user to save. My app as of right now asks for a username and password for signing up. I did this by using the devise gem. However I want to also add an age check to the app, and this is where i've been running into problems.
My DB column is set at (in my schema)
t.date "birth_date"
My view is at
<%= f.input :birth_date, required: true, start_year:1900 %>
My controller has two parts to it:
def create
#user = current_user.build(user_params)
end
private
def user_params
params.require(:user).permit(:birth_date)
end
Whenever i try to log in and create a birth_date for my new user, in the console when I check, the birth_date is still set at nil. Would anyone know what i am missing with this? (I think i'm getting tripped up with Devise handling some things already)
Assuming you are trying to do input birth_date of the user as a part of sign_up process and using devise for this purpose you need to whitelist birth_date params explicitly.
Best way of doing that is using your own registerations_controller and inheriting it from devise
class Users::RegistrationsController < Devise::RegistrationsController
before_action :configure_sign_up_params, only: :create
before_action :configure_account_update_params, only: :update
protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:birth_date])
end
# If you have extra params to permit, append them to the sanitizer.
def configure_account_update_params
devise_parameter_sanitizer.permit(:account_update, keys: [:bith_date])
end
end
#in routes.rb
devise_for :users, controllers: {registrations: "users/registrations"}
since you using devise, and additional field while register, I think you should overwrite devise, here is link for reference, create registration controller as follow
app/controllers/registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
def create
super do
resource.birth_date = params[:birth_date]
resource.save
end
end
end
make sure you also have devise routes
app/config/routes.rb
devise_for :users, :controllers => {:registrations => "registrations"}
Assuming this your UsersController, separate from Devise controllers, you just need to save it to db:
def create
#user = current_user.update(user_params)
end
But you might need to change the birthday in params (which is a string) to a date object first, depending on your column type.
Also you might consider moving this to #update as this is really more an #update action than #create.
hey guys i want to register a new user with the help of devise but the view containes only 2 fields which are email and the password
i wish to save name, address, city, etc which are in my users table as well. In the view of registration/new.html.erb
after i added them in the view and i clicked sign up the following errors showed up
5 errors prohibited this user from being saved:
Name can't be blank
City can't be blank
Address can't be blank
Country can't be blank
Postal code can't be blank
so can someone please tell me what do i have to do to make devise accept these additional atrributes aside from email and password and save them in my users table
Add the following code in your ApplicationController to let Devise permit parameters other than email and password.
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
permitted_params = %i(name city address country postal) # returns [:name, :city, :address, :country, :postal]
devise_parameter_sanitizer.permit(:sign_up, keys: permitted_params)
devise_parameter_sanitizer.permit(:account_update, keys: permitted_params)
end
end
This way, you're configuring devise to permit the additional fields on both new account registration and profile updation.
For more, read https://github.com/plataformatec/devise#strong-parameters
According to latest Devise docu, I added additional parameter :name to my User model and adjusted RegistrationsController. It works so far, the parameter is taken, and I am able now to register the user with a name, but how I make this parameter strong required? If I do not specify it in the registration request, it still register the user without setting the name (in db then: name = nil). So how to prevent this situation and make name required?
here is the controller:
class Users::RegistrationsController < Devise::RegistrationsController
# Disable CSRF protection
skip_before_action :verify_authenticity_token
# Be sure to enable JSON.
respond_to :html, :json
before_action :configure_sign_up_params, only: [:create]
protected
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
end
end
For this you have to apply validations on the sign up form. You can use two different ways for this
Server Side Validation
For this you can use validates helper. You can add following line in your user model (user.rb). Refer this link for more information.
validates :name, presence: true
Client Side Validation
You can use JQuery plugin like for achieving this functionality.
Please refer this link for implementing JQuery validation using jquery.validate()
Greeting,
I've been working on getting my devise sign up form customized for my application, and it's been a bit of a pain trying to sort out how Devise is handling things. My form is customized, but my the attributes in my new fields are not being saved to the database. I looked at something like this solution:http://blog.12spokes.com/web-design-development/adding-custom-fields-to-your-devise-user-model-in-rails-4/ (yeah it's for rails 4) but.... it doesn't feel like the cleanest way to do this. I'd like to know if there is a more efficient way of doing this now. Would you recommend moving additional user information that is unrelated to Devise authentication into a new table? If so, can I put fields for some nested elements in the Devise sign-up form without having to go through all of business in the solution above. Thanks in advance!
What about trying to use the devise_parameter_sanitizer :
application_controller.rb
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
private
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:additional_field1, :additional_field2, :email, :password, :password_confirmation) }
end
end
and then on your User model, you could simply add validation :
user.rb
class User < ActiveRecord::Base
validates :additional_field1, presence: true
validates :additional_field2, uniqueness: true
end
I'm Using Devise and i'm trying to build a requirement that only emails that are included in my white list can actually Sign Up.
Over Time emails will be added to that list. Meaning that Today there are 10 emails, tomorrow another 20+.
But i don't know quite yet how to achieve this.
I know that i have to Create my own Registrations Controller, and for the Validation i think i need something similar to this:
before_validation :whitelisted?
def whitelisted?
unless WhiteList.exists?(:email => email)
errors.add :email, "is not on our beta list"
end
end
However, i am clueless on how to start or continue this. I don't even know if that's the best Practice.
How do i add emails to that whitelist and where is even that whitelist?
If someone could be noob-friendly enough to explain this to me.
Try the following i think this could help you.
create new registration controller
class RegistrationsController < Devise::RegistrationsController
def create
unless WhiteList.exists?(:email => params[:user][:email])
errors.add :email, "is not on our beta list"
else
super
end
end
end
and in routes file replace existing with following
devise_for :users, controllers: { registrations: "registrations" }
Create new model WhiteList using following
rails g model whitelist email:string
and run rake db:migrate command.
after this start Rails console add email's using following command.
Whitelist.create(email: "test#user.com")
I found #Amit Sharma's answer useful, but it doesn't work straight out of the box. Here's what I came up with:
class RegistrationsController < Devise::RegistrationsController
def create
if WhiteList.exists?(:email => params[:user][:email].downcase)
super
else
flash[:error] = "Your email is not on our beta list."
redirect_to new_user_registration_path
end
end
end
class WhiteList < ActiveRecord::Base
before_save :downcase_email
validates :email, presence: true
def downcase_email
self.email = email.downcase
end
end
This solves for case sensitivities when whitelisting an email and produces a flash error message when a Whitelisted email isn't matched.