为Devise改变强烈的障碍

时间:2015-12-21 13:46:36

标签: ruby-on-rails ruby devise strong-parameters

在我的应用程序中,我最初创建了一个用户脚手架,然后我创建了一个Devise User模型,只是在User模型中添加了属性,但是在我的用户控制器中,每当我尝试创建参数" username"一个允许的参数,它仍会吐出错误"用户名不是允许的参数"。

我的user.rb 

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :rememberable, :trackable, :validatable
  belongs_to :role

  def email_required?
    false
  end

  def email_changed?
    false
  end


end

我的用户控制器

class UsersController < ApplicationController
  before_filter :authenticate_user! 
  before_action :set_user, only: [:show, :edit, :update, :destroy]

  # GET /users
  # GET /users.json
  def index
    @users = User.all
  end

  # GET /users/1
  # GET /users/1.json
  def show
  end

  # GET /users/new
  def new
    @user = User.new
  end

  # GET /users/1/edit
  def edit
  end

  # POST /users
  # POST /users.json
  def create
    @user = User.new(user_params)

    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render :show, status: :created, location: @user }
      else
        format.html { render :new }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  def update
    respond_to do |format|
      if @user.update(user_params)
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
        format.json { render :show, status: :ok, location: @user }
      else
        format.html { render :edit }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.json
  def destroy
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_user
      @user = User.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def user_params
      params.require(:user).permit(:role_id, :username, :password, :password_confirmation)
    end
end

正如您所看到的,我已经将用户名&#39;属于强大的参数,但它仍然是不允许的。非常感谢任何帮助,谢谢!

1 个答案:

答案 0 :(得分:6)

在你的application_controller.rb中尝试这个

before_action :configure_permitted_parameters, if: :devise_controller?

protected

def configure_permitted_parameters
  devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email, :password) }
end

文档https://github.com/plataformatec/devise#strong-parameters

相关问题
最新问题