Need help with Unpermitted Parameters for Devise | Rails 4

rubyonrails-talk
1

Users\registrations_controller.rb

class User::RegistrationsController < Devise::RegistrationsController

before_filter :configure_permitted_parameters

protected def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) do |u| u.permit(:username, :email, :age, :custommodel, :gender, :password, :password_confirmation) end

devise_parameter_sanitizer.for(:account_update) do |u| u.permit(:username, :email, :age, :custommodel, :gender, :password, :password_confirmation, :current_password) end end end

User.rb

class User < ActiveRecord::Base # Include default devise modules. Others available are: # :confirmable, :lockable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable validates :email, :custommodel, :age, :gender, :presence => true validates :username, presence: true, uniqueness: true end

application_controller.rb

class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception before_action :configure_permitted_parameters, if: :devise_controller?

protected def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:custommodel1, :custommodel2, :custommodel3, :custommodel4, :custommodel5, :custommodel6, :phonenumber, :username)} devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:username, :age, :custommodel, :gender)} devise_parameter_sanitizer.for(:account_update) {|u| u.permit(:username, :custommodel1, :custommodel2, :custommodel3, :custommodel4, :custommodel5, :custommodel6, :custommodel7, :custommodel8, :age, :custommodel9, :gender)} end end

I've done just about everything I can't get these actions to go into the db, but I continuously get Unpermitted parameters: email, password, password_confirmation rollback transaction. What can I do to get these models to conform with the Devise strong parameters?

Thank you again

2

Hi David,

I think the parameters were not allowed into the registrations controller from the application controller in your case. Your application controller should look like this.

class ApplicationController < ActionController::Base

Prevent CSRF attacks by raising an exception.

For APIs, you may want to use :null_session instead.

protect_from_forgery with: :exception before_action :configure_permitted_parameters, if: :devise_controller?

protected def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:custommodel1, :custommodel2, :custommodel3, :custommodel4, :custommodel5, :custommodel6, :phonenumber, :username)} devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:username, :age, :custommodel, :gender, :email, :password, :password_confirmation)}

devise_parameter_sanitizer.for(:account_update) {|u| u.permit(:username, :custommodel1, :custommodel2, :custommodel3, :custommodel4, :custommodel5, :custommodel6, :custommodel7, :custommodel8, :age, :custommodel9, :gender)} end end