在 Rails 4.0 中向设计添加新字段的不允许的参数 [英] Unpermitted Parameters adding new fields to Devise in rails 4.0
问题描述
对使用 rails 非常陌生.我已经使用 Devise 实现了一个基本的登录系统.我正在尝试在 sign_up 页面中添加几个新字段(bio:string, name:string).我已正确显示所有内容,并且新字段已添加到数据库中(当我在 SQLbrowser 中查看它时)但是,它们没有填充,并且在用户提交注册表单后有一条消息,其中部分内容如下:
Very new to working with rails. I have implemented a basic login system using Devise. I am trying to add a couple of new fields (bio:string, name:string) into the sign_up page. I have everything displaying correctly and the new fields are added to the database (when I view it in SQLbrowser) however, they are not populating and after the user submits the sign_up form there is a message which part of it says:
Unpermitted parameters: bio, name
我已将 2 个字符串添加到 _devise_create_users.rb
I have added the 2 strings to the _devise_create_users.rb
# added
t.string :bio
t.string :name
我让它们出现在 schema.rb 中
And I have them showing up in the schema.rb
ActiveRecord::Schema.define(version: 20130629002343) do
create_table "users", force: true do |t|
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
t.string "last_sign_in_ip"
t.datetime "created_at"
t.datetime "updated_at"
t.string "shortbio"
t.boolean "admin", default: false
t.string "realname"
t.string "name"
t.string "bio"
end
add_index "users", ["email"], name: "index_users_on_email", unique: true
add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
end
我的用户.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
#:token_authenticatable, :confirmable,
#:lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
end
这个问题是否与强参数有关?我很难围绕它们以及在哪里/如何实施.
Is this problem something to do with Strong Parameters? I am having a hard time wrapping my head around them and where/how to implement.
推荐答案
公认的解决方案已经足够好了,但我看到两个问题:1) 所有的控制器都会检查当前控制器是否是设计控制器 (if: :devise_controller?
) 和 2) 我们需要在方法中写入所有可接受的参数 (...for(:sign_up) {|u| u.permit(:bio, :name)}
),甚至是 :email
、:password
等等.
The accepted solution is good enough, but I see two problems: 1) All the controllers will check if the current controller is the devise controller (if: :devise_controller?
) and 2) We need to write all the acceptable parameters in the method (...for(:sign_up) {|u| u.permit(:bio, :name)}
), even the :email
, :password
and so on.
我认为更优雅的解决方案可能是:
I think that a more elegant solution could be:
# app/controllers/users/registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
before_filter :configure_permitted_parameters
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up).push(:name, :phone, :organization)
end
end
# config/routes.rb
devise_for :users, :controllers => { :registrations => "users/registrations" }
注意:Rails 4.2+ 的更新
这个答案已经过时了:
- 将 Rails 4.2.1 和 Devise 3.4.1 的用户/注册"路径中的用户"更改为用户".
devise_parameter_sanitizer.permit()
替换了 Devise 4 的devise_parameter_sanitizer.for()
(参见 Rails 5, Undefined method `for' for #<Devise on line devise_parameter_sanitizer.for)立>
- Change "users" to "user" in the "users/registration" path for Rails 4.2.1 and Devise 3.4.1.
devise_parameter_sanitizer.permit()
replacesdevise_parameter_sanitizer.for()
for Devise 4 (see Rails 5, Undefined method `for' for #<Devise on line devise_parameter_sanitizer.for)
这篇关于在 Rails 4.0 中向设计添加新字段的不允许的参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!