我正在使用设计用户登录,我正在尝试修复强参数问题。我找到了一个解决方案并遵循它并尝试解决问题。下面是应用程序控制器中的代码。
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :first_name, :last_name, :user_name) }
devise_parameter_sanitizer.for(:account_update) {|u| u.permit(:email, :password, :first_name, :last_name, :user_name, :current_paswword) }
end
end
此代码使我能够使用user_name,first_name和last_name创建用户。 但是,当我尝试编辑帐户时,我在输入更新帐户时一直遇到问题。它一直声明即使我已在该字段中输入密码,当前密码也不能为空。谁能帮我吗? 提前致谢
*更新 *
修改帐户代码
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
<%= f.error_notification %>
<div class="form-inputs">
<%= f.input :email, :required => true, :autofocus => true %>
<%= f.input :first_name, :required => true, :autofocus => true %>
<%= f.input :last_name, :required => true, :autofocus => true %>
<%= f.input :user_name, :required => true, :autofocus => true %>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<p>Currently waiting confirmation for: <%= resource.unconfirmed_email %></p>
<% end %>
<%= f.input :password, :autocomplete => "off", :hint => "leave it blank if you don't want to change it", :required => false %>
<%= f.input :password_confirmation, :required => false %>
<%= f.input :current_password, :hint => "we need your current password to confirm your changes", :required => true %>
</div>
<div class="form-actions">
<%= f.button :submit, "Update" %>
</div>
<% end %>
<h3>Cancel my account</h3>
<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete %></p>
<%= link_to "Back", :back %>
路线档案
TPS::Application.routes.draw do
resources :staffs
devise_for :users
resources :courses
resources :schedules
resources :events
root to: 'courses#index'
match '/schedule_courses' => 'courses#schedule', via: :get
end
User.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
end