Unpermitted Parameters - Rails 4

Hi,
I'm using Devise (3.2.4), Rails 4 and I'm trying to signup.

I have a Registration Controller where i do have:

"
def sign_up_params
             params.require(:user).permit(:email,:first_name,
:last_name,:mobile, :birthday, :current_password,
:password,:password_confirmation)
         end
"

and everytime i try to sign up I get the following message:

Processing by Devise::RegistrationsController#create as HTML
  Parameters: {"utf8"=>"✓",
"authenticity_token"=>"p9qVwZp/rDtJyvfV2TVdNXmh29JEoTs9SbyLHyNSq44=",
"user"=>{"first_name"=>"Joao", "last_name"=>"Miguel", "birthday"=>"",
"mobile"=>"0987654", "email"=>"joao.miguel@gmail.com",
"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"},
"commit"=>"Sign up"}
Unpermitted parameters: first_name, last_name, birthday, mobile

and my users table is updated but first_name, last_name, birthday,
mobile are null.

Does anyone has any idea how can I solve this issue?
thanks in advance

Hey there,

Have a look at this example
https://gist.github.com/bluemont/e304e65e7e15d77d3cb9
It should solve your problem.

After update my Registration Controller, restart server, I still get the
same error.

You need to override the devise strong params implementation inside your ApplicationController.

We could use a simple before_filter to check if devise controller is been use.


class ApplicationController < ActionController::Base

  before_filter :configure_permitted_parameters, if: :devise_controller?

private

  def configure_permitted_parameters

    devise_parameter_sanitazer.for(:sign_up){|u| u.permit(:first_name, :last_name, :birthday, :mobile, :password, :password_confirmation}

  end

end

´´´

Hope that helps.

Hi Rita,

Please, check the following steps:

  1. If you created a custom RegistrationController, you have to set devise routes to use it. Something like this:

<config/routes.rb>

devise_for :users, controllers: { registrations: “registrations” }

2.sign_up_params is a private method in devise source code. So make sure that your method definition is inside a private section of you custom controller as well.

private

def sign_up_params

(…)

end

I’ve written a blog post describing how my team extended devise’s RegistrationController here. Hope it helps.

Cheers,

Fernando

It worked.
Thank you so much for your help :slight_smile:

Hi

Acutly rails 4 support strong parameter , we need mention those attributes outside model such as nested attributes , needs declare in controller to_pramas private method

And more rails 4 strong parameter please check following link

http://pratap477.blogspot.in/2014/02/rails-4-strong-parameter.html

I think help u…