12

我制作了一个设计用户模型并向其中添加了其他字段。当我创建和帐户时,一切正常,只有电子邮件、密码和密码 conf。

然后我想让用户去编辑页面并填写可选的附加字段。但是,当他们提交时,所有内容都保存为 nil。

 class RegistrationsController < Devise::RegistrationsController

   before_action :configure_permitted_parameters, if: :devise_controller?

   def configure_permitted_parameters
     devise_parameter_sanitizer.for(:sign_in){ |u| u.permit(:email, :password) }
     devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about,  :email, :password, :password_confirmation)}
     devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
   end

   def update
     self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
     if resource.update_with_password(user_params)
       if is_navigational_format?
         flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ? :update_needs_confirmation : :updated
         set_flash_message :notice, flash_key
       end
       sign_in resource_name, resource, :bypass => true
       respond_with resource, :location => after_update_path_for(resource)
     else
       clean_up_passwords resource
       respond_with resource
     end
   end

   def user_params 
     params.require(:user).permit(:email, :password, :current_password, :password_confirmation, :name, :username, :about) 
   end
 end

我在控制台中得到这个输出,

 ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
 Processing by Devise::RegistrationsController#update as HTML
 Parameters: {"utf8"=>"✓", "authenticity_token"=>"EG8FtCTBohuG2uwUvIqmY7KTsmYY1nMAXqTfc0Li+eQ=", 
 "user"=>{"email"=>"a@a.com", "name"=>"Aaron", "username"=>"", "about"=>"", 
 "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "current_password"=>"[FILTERED]"}, "commit"=>"Update"}

User Load (2.2ms)  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 1]]
Unpermitted parameters: name, username, about

但是当我签入控制台(使用 User.last)时,数据库中没有保存任何内容。我被卡住了,看了看,不知道出了什么问题……

4

4 回答 4

39

在 Rails4 中,我们有强大的参数,所以请

将以下行添加到您的 application_controller.rb

before_filter :configure_devise_params, if: :devise_controller?
  def configure_devise_params
    devise_parameter_sanitizer.for(:sign_up) do |u|
      u.permit(:first_name, :last_name, :gender, :email, :password, :password_confirmation)
    end
  end
于 2013-09-02T07:37:56.660 回答
3

在处理了类似的事情之后,我决定使用应用程序控制器,然后发现设计文档在其强大的参数部分对此相当简单,并提供了使用应用程序控制器的替代方案。https://github.com/plataformatec/devise#strong-parameters

以下是适用于我的应用程序控制器的方法。

    class ApplicationController < ActionController::Base

      before_filter :configure_permitted_parameters, if: :devise_controller?

      private

      def configure_permitted_parameters
         devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about,  :email, :password, :password_confirmation)}        
         devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }          
      end

    end

这应该是一样的,它直接覆盖Devise::RegistrationController.

    class Users::RegistrationsController < Devise::RegistrationsController

      private

      def configure_sign_up_params
        devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about,  :email, :password, :password_confirmation)}
      end

      def configure_account_update_params
        devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
      end

    end
于 2015-08-06T04:31:24.577 回答
1

首先产生新的领域。供参考 http://guides.rubyonrails.org/migrations.html

您是否在用户控制器参数中添加了新字段?

   def user_params
      params.require(:user).permit(:email, :password, :password_confirmation)
    end

    def sign_up_params
      params.require(:user).permit(:email, :password, :password_confirmation)
    end

在应用程序控制器中

before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation)}

    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :password_confirmation)}
  end

在覆盖设计的注册表单中添加此

class Users::RegistrationsController < Devise::RegistrationsController
     skip_before_filter :verify_authenticity_token, :only => [:ipn_notification]
  def sign_up_params
      params.require(:user).permit(:email, :password, :password_confirmation)
  end

之后,在所有视图 _form、show、edit、index 中添加新字段。

于 2013-08-24T03:27:33.750 回答
1

在 Rails 4.2 中,我就是这样做的。我有应用设计的用户模型。
使用此命令“rails generate devise:controllers users”生成自定义控制器。
我已将“用户名”名称属性添加到我的用户模型

在我的控制器中

class Users::RegistrationsController < Devise::RegistrationsController
 before_filter :configure_sign_up_params, only: [:create]
 before_filter :configure_account_update_params, only: [:update]
 #rest of code as generated

   protected

    # If you have extra params to permit, append them to the sanitizer.
    def configure_sign_up_params
      devise_parameter_sanitizer.for(:sign_up) << :username
    end

   # If you have extra params to permit, append them to the sanitizer.
   def configure_account_update_params
     devise_parameter_sanitizer.for(:account_update) << :username
   end

在路线中 

devise_for :users, controllers: {registrations: "users/registrations"}
于 2016-04-28T11:01:50.710 回答