cor*_*zle 3 ruby ruby-on-rails devise strong-parameters
在我的应用程序中,我最初创建了一个用户脚手架,然后我创建了一个Devise User模型,只是将属性添加到User模型,但是在我的用户控制器中,每当我尝试使参数"username"成为允许的参数时,它仍然会吐出来错误"用户名不是允许的参数".
我的user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :rememberable, :trackable, :validatable
belongs_to :role
def email_required?
false
end
def email_changed?
false
end
end
我的用户控制器
class UsersController < ApplicationController
before_filter :authenticate_user!
before_action :set_user, only: [:show, :edit, :update, :destroy]
# GET /users
# GET /users.json
def index
@users = User.all
end
# GET /users/1
# GET /users/1.json
def show
end
# GET /users/new
def new
@user = User.new
end
# GET /users/1/edit
def edit
end
# POST /users
# POST /users.json
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /users/1
# PATCH/PUT /users/1.json
def update
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# DELETE /users/1
# DELETE /users/1.json
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
@user = User.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
params.require(:user).permit(:role_id, :username, :password, :password_confirmation)
end
end
正如你所看到的,我已经将'用户名'属性放入了强大的参数中,但它仍然是不允许的.非常感谢任何帮助,谢谢!
在application_controller.rb中尝试这个
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email, :password) }
end
文档https://github.com/plataformatec/devise#strong-parameters
| 归档时间: |
|
| 查看次数: |
354 次 |
| 最近记录: |