0

我正在尝试使用 Devise Invitable 对我的应用程序中的现有用户实施邀请。

乍一看这失败了,因为 Devise Invitable 最适合用于新用户 - 即未注册用户。

但这就是我的User::InvitationsController样子(为简洁起见被截断):

class Users::InvitationsController < Devise::InvitationsController
include ApplicationHelper
  before_filter :configure_permitted_parameters, if: :devise_controller?
  before_filter :update_sanitized_params, only: :update

  # PUT /resource/invitation

  def create
    invited_user = User.where(email: params[:user][:email])
    if !invited_user.empty?
      invitation_token = Devise.token_generator.digest(resource_class, :invitation_token, update_resource_params[:invitation_token])
      self.resource = resource_class.where(invitation_token: invitation_token).first
      family_tree = self.resource.invited_by.family_tree
      family_tree.memberships.create(:user_id => user.id, relation: update_resource_params[:relation])
      resource.create_membership_both_ways(params[:user][:invitation_token], params[:user][:relation])
      resource.skip_password = true
      resource.update_attributes update_resource_params.except(:invitation_token)
      redirect_to my_tree_path
     else
       super
     end
  end

  protected

  def update_sanitized_params
    devise_parameter_sanitizer.for(:accept_invitation) do |u|
      u.permit(:name, :password, :password_confirmation, :invitation_token, :invitation_relation,:avatar, :avatar_cache, :relation)
    end
  end

  def update_resource_params
    devise_parameter_sanitizer.sanitize(:accept_invitation) do |u|
      u.permit(:email)
    end
  end
end

当我使用 pry 进行调试时,当我四处寻找时会发生这种情况invitation_token

[1] pry(#<Users::InvitationsController>)> invitation_token
=> false
[2] pry(#<Users::InvitationsController>)> update_resource_params
Unpermitted parameters: email
=> {"name"=>"", "invitation_relation"=>"uncle"}

关于可能导致此问题的原因或如何解决此unpermitted paramters :email问题的想法?

编辑 1

这些是相关的路线:

  devise_for :users, :controllers => { :invitations => 'users/invitations', :confirmations => 'confirmations' }

  devise_scope :user do
    post "users/invitation/sign_in" => "users/invitations#invite_sign_in"
  end

编辑 2

在我的application_controller.rb我有一个我添加的方法,:email它似乎已经停止了这个错误:

  def configure_permitted_parameters
    # Once I added :email to this method, it stopped throwing the unpermitted error
    devise_parameter_sanitizer.for(:accept_invitation) do |u|
      u.permit(:name, :email, :last_name, :invitation_relation)
    end
  end
4

1 回答 1

1

使用 Devise 和配置 allowed_pa​​rams 时最好在应用程序控制器中执行此操作,您可以通过以下两种方式之一执行此操作

def configure_permitted_parameters
 devise_parameter_sanitizer.for(:accept_invitation) do |u|
   u.permit(:name, :email, :last_name, :invitation_relation)
 end
end

或者

def configure_permitted_params
  devise_parameter_sanitizer.for(:accept_invitation) << [:name, :email, :last_name, :invitation_relation]
end
于 2014-10-09T07:04:50.040 回答