Unpermitted Parameters - Rails 4

rubyonrails-talk
1

Hi, I'm using Devise (3.2.4), Rails 4 and I'm trying to signup.

I have a Registration Controller where i do have:

" def sign_up_params              params.require(:user).permit(:email,:first_name, :last_name,:mobile, :birthday, :current_password, :password,:password_confirmation)          end "

and everytime i try to sign up I get the following message:

Processing by Devise::RegistrationsController#create as HTML   Parameters: {"utf8"=>"✓", "authenticity_token"=>"p9qVwZp/rDtJyvfV2TVdNXmh29JEoTs9SbyLHyNSq44=", "user"=>{"first_name"=>"Joao", "last_name"=>"Miguel", "birthday"=>"", "mobile"=>"0987654", "email"=>"joao.miguel@gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"} Unpermitted parameters: first_name, last_name, birthday, mobile

and my users table is updated but first_name, last_name, birthday, mobile are null.

Does anyone has any idea how can I solve this issue? thanks in advance

2

Hey there,

Have a look at this example https://gist.github.com/bluemont/e304e65e7e15d77d3cb9 It should solve your problem.

3

After update my Registration Controller, restart server, I still get the same error.

4

You need to override the devise strong params implementation inside your ApplicationController.

We could use a simple before_filter to check if devise controller is been use.


class ApplicationController < ActionController::Base

  before_filter :configure_permitted_parameters, if: :devise_controller?

private

  def configure_permitted_parameters

    devise_parameter_sanitazer.for(:sign_up){|u| u.permit(:first_name, :last_name, :birthday, :mobile, :password, :password_confirmation}

  end

end

´´´

Hope that helps.
5

Hi Rita,

Please, check the following steps:

  1. If you created a custom RegistrationController, you have to set devise routes to use it. Something like this:

<config/routes.rb>

devise_for :users, controllers: { registrations: “registrations” }

2.sign_up_params is a private method in devise source code. So make sure that your method definition is inside a private section of you custom controller as well.

private

def sign_up_params

(…)

end

I’ve written a blog post describing how my team extended devise’s RegistrationController here. Hope it helps.

Cheers,

Fernando

6

It worked. Thank you so much for your help :slight_smile:

7

Hi

Acutly rails 4 support strong parameter , we need mention those attributes outside model such as nested attributes , needs declare in controller to_pramas private method

And more rails 4 strong parameter please check following link

http://pratap477.blogspot.in/2014/02/rails-4-strong-parameter.html

I think help u…