我无法将角色保存到我的设计用户表中(对于cancan)

时间:2013-10-24 10:12:32

标签: ruby-on-rails-3 devise cancan roles

我已经安装了Devise和CanCan,两者似乎都在工作。我在迁移中有“角色”列,但是当我在添加用户后检查日志时,BD查询没有显示添加角色的迹象

完整的事情看起来像这样:

Processing by Devise::RegistrationsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"S+SjhxsALMbHkRBPPwOMIvHo1Bd0cNYl1g=", "user"=>{"email"=>"david@mail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "role"=>"receptionist"}, "commit"=>"Sign up"}
Unpermitted parameters: role
   (0.2ms)  begin transaction
  User Exists (0.2ms)  SELECT 1 AS one FROM "users" WHERE "users"."email" = 'david@mail.com' LIMIT 1
Binary data inserted for `string` type on column `encrypted_password`
  SQL (3.1ms)  INSERT INTO "users" ("created_at", "email", "encrypted_password", "updated_at") VALUES (?, ?, ?, ?)  [["created_at", Thu, 24 Oct 2013 08:52:31 UTC +00:00], ["email", "david@mail.com"], ["encrypted_password", "$2a$10$e3hKTibsZ7qSgOC5OelKgjumU8ufu46xNrBkmXcDEpix/m"], ["updated_at", Thu, 24 Oct 2013 08:52:31 UTC +00:00]]
   (0.7ms)  commit transaction
   (0.1ms)  begin transaction
Binary data inserted for `string` type on column `last_sign_in_ip`
Binary data inserted for `string` type on column `current_sign_in_ip`
  SQL (0.7ms)  UPDATE "users" SET "last_sign_in_at" = ?, "current_sign_in_at" = ?, "last_sign_in_ip" = ?, "current_sign_in_ip" = ?, "sign_in_count" = ?, "updated_at" = ? WHERE "users"."id" = 2  [["last_sign_in_at", Thu, 24 Oct 2013 08:52:31 UTC +00:00], ["current_sign_in_at", Thu, 24 Oct 2013 08:52:31 UTC +00:00], ["last_sign_in_ip", "127.0.0.1"], ["current_sign_in_ip", "127.0.0.1"], ["sign_in_count", 1], ["updated_at", Thu, 24 Oct 2013 08:52:31 UTC +00:00]]
   (0.6ms)  commit transaction
Redirected to http://0.0.0.0:3000/
Completed 302 Found in 108ms (ActiveRecord: 5.6ms)

此外,如果我编辑用户并添加角色,我会在日志中收到以下错误

  

未经许可的参数:角色

我觉得迁移可能没有用..但我可以访问角色变量..所以我不完全理解。

我对rails非常陌生,所以我期待(并希望)我省略了一些明显的东西。

提前致谢

2 个答案:

答案 0 :(得分:0)

从它的外观来看,错误Unpermitted parameters:role表示您尚未在应用程序中将此列入白名单。我知道您的应用程序在处理属性保护方面发生了变化。所以你需要whitelist这个参数。如果这是rails 4你会做这样的事情:

class User < ActionController::Base
  def create
    User.create(params[:user])
  end

private
  def user_params
    params.require(:person).permit(:first_name, :last_name, :password, :role)
  end
end

以上是Rails 4附带的更改。但是在您的情况下(rails 3)我认为您只需要使该属性可访问。因此,您可以尝试将以下内容添加到用户模型中。 

attr_accessible :role

答案 1 :(得分:0)

你的应用程序控制器中的

      before_action :configure_permitted_parameters, if: :devise_controller?
 protected
 def configure_permitted_parameters
   devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:password, :password_confirmation,:current_password,:email,:name,:role) }
   devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:password, :password_confirmation,:email,:name,:role) }
 end
它对我有用!

相关问题
最新问题