遵循本指南后登录工作正常:允许用户使用他们的用户名或电子邮件地址登录
但是,创建新用户不再起作用。这就是我得到的:
Started POST "/users" for 10.0.2.2 at 2014-07-30 15:08:49 +0000
ActiveRecord::SchemaMigration Load (1.4ms) SELECT "schema_migrations".* FROM "schema_migrations"
User Load (3.0ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 ORDER BY "users"."id" ASC LIMIT 1
Processing by UsersController#create as JS
Parameters: {"utf8"=>"✓", "user"=>{"name"=>"user", "account_id"=>"1", "username"=>"user", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Create User"}
Account Load (0.8ms) SELECT "accounts".* FROM "accounts" WHERE "accounts"."id" = $1 LIMIT 1 [["id", 1]]
(2.0ms) BEGIN
User Exists (1.6ms) SELECT 1 AS one FROM "users" WHERE LOWER("users"."username") = LOWER('user') LIMIT 1
(2.0ms) ROLLBACK
Redirected to http://localhost:3000/users
Completed 302 Found in 847ms (ActiveRecord: 14.2ms)
我不知道为什么它不起作用。以下是设计中涉及的一些代码:
class ApplicationController < ActionController::Base
include Pundit
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation, :remember_me) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me, :account_id) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
end
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
private
def user_not_authorized
flash[:alert] = "Access denied."
redirect_to (request.referrer || root_path)
end
end
用户控制器.rb:
def create
@account = Account.find(params[:user][:account_id])
@user = @account.users.build(user_params)
authorize @user
respond_to do |format|
if @user.save
format.html { redirect_to users_path, notice: 'Successfully created User' }
format.js {}
end
end
private
def user_params
params.require(:user).permit(:role, :name, :username, :email, :password, :password_confirmation, :account_id)
end
用户.rb:
class User < ActiveRecord::Base
belongs_to :account
has_many :expenses
validates :username, :uniqueness => { :case_sensitive => false }
attr_accessor :login
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
enum role: [:user, :vip, :admin]
after_initialize :set_default_role, :if => :new_record?
def self.find_for_database_authentication(warden_conditions)
conditions = warden_conditions.dup
if login = conditions.delete(:login)
where(conditions).where(["username = :value OR lower(email) = lower(:value)", { :value => login }]).first
else
where(conditions).first
end
end
def set_default_role
self.role ||= :user
end
end
我相信错误来自这种find_for_database_authentication方法
任何帮助是极大的赞赏。谢谢!