Jam*_* L. 4 ruby-on-rails devise web strong-parameters ruby-on-rails-4
这些字段是通过迁移添加的,并且创建了视图的表单,但控制器会在从视图到模型的路径上过滤参数.无论我做什么,我的参数总是不允许的.我的控制器代码
#应用程序/控制器/用户/ registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
before_filter :configure_sign_up_params, only: [:create]
before_filter :configure_account_update_params, only: [:update]
protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up)<<[:first_name,:last_name,:profile_image,:graduation_year]
end
# If you have extra params to permit, append them to the sanitizer.
def configure_account_update_params
devise_parameter_sanitizer.for(:account_update)<<[:first_name,:last_name,:profile_image,:graduation_year]
end
end
end
#配置/ routes.rb中
Rails.application.routes.draw do
#...
devise_for :users, controllers: { account_update: "users/registrations", sign_up:"users/registrations" }
end
#错误
Parameters: {"utf8"=>"?", "authenticity_token"=>"Qts15L3n6Xvsn0hwNvIUI6UrWUQyV/qEyoQAZ8M+udMK1RBTQS1XoNWgpg1JrXqWpb9NbrsaHtQVVU8XMwoSIQ==",
"user"=>{"first_name"=>"a", "last_name"=>"a",
"profile_image"=>#<ActionDispatch::Http::UploadedFile:0x00000004fe0bb0 @tempfile=#<Tempfile:/tmp/RackMultipart20150709-4420-12guerh.jpeg>, @original_filename="test1.jpeg", @content_type="image/jpeg", @headers="Content-Disposition: form-data; name=\"user[profile_image]\"; filename=\"test1.jpeg\"\r\nContent-Type: image/jpeg\r\n">,
"graduation_year"=>"1", "email"=>"aaaaaa@a.a",
"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"},
"commit"=>"Submit"}
Unpermitted parameters: first_name, last_name, profile_image, graduation_year
感谢大家的帮助.真的很感激!
我的config/routes.rb搞砸了.它需要
devise_for :users, controllers: { registrations: 'users/registrations' }
然后我需要添加:email,:password,:password_confirmation回到app/controllers/users/registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
before_filter :configure_sign_up_params, only: [:create]
before_filter :configure_account_update_params, only: [:update]
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up)<<[:first_name,:last_name,:profile_image,:graduation_year,
:email,:password,:password_confirmation]
end
def configure_account_update_params
devise_parameter_sanitizer.for(:account_update)<<[:first_name,:last_name,:profile_image,:graduation_year,
:email,:password,:password_confirmation]
end
end
此外,文件底部还有一个额外的"结束".
更新
在当前版本的devise(4.3)/ rails(5.1.3)中它是类似的,但配置函数应该更新为如下所示:
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :age, :height, :weight, :gender])
end
| 归档时间: |
|
| 查看次数: |
1880 次 |
| 最近记录: |