crentist crentist - 1 year ago 75
Ruby Question

Saving custom fields in devise User model in rails 4

I made a devise User model and added additional fields to it. When I create and account everything works fine, only with email, pw and pw conf.

I then want to allow the user to go to edit page and fill in the optional additional fields.
But, when they submit, everything is saved as nil.

class RegistrationsController < Devise::RegistrationsController

before_action :configure_permitted_parameters, if: :devise_controller?

def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in){ |u| u.permit(:email, :password) }
devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation)}
devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }

def update
self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
if resource.update_with_password(user_params)
if is_navigational_format?
flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ? :update_needs_confirmation : :updated
set_flash_message :notice, flash_key
sign_in resource_name, resource, :bypass => true
respond_with resource, :location => after_update_path_for(resource)
clean_up_passwords resource
respond_with resource

def user_params
params.require(:user).permit(:email, :password, :current_password, :password_confirmation, :name, :username, :about)

I get this output in the console,

ActiveRecord::SchemaMigration Load (0.1ms) SELECT "schema_migrations".* FROM "schema_migrations"
Processing by Devise::RegistrationsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"EG8FtCTBohuG2uwUvIqmY7KTsmYY1nMAXqTfc0Li+eQ=",
"user"=>{"email"=>"", "name"=>"Aaron", "username"=>"", "about"=>"",
"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "current_password"=>"[FILTERED]"}, "commit"=>"Update"}

User Load (2.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Unpermitted parameters: name, username, about

But nothing is saved in the database when I check in the console (with User.last). I am stuck, and have looked and have no idea what is wrong...

Answer Source

In Rails4 we have strong parameters so please

Add following line to your application_controller.rb

before_filter :configure_devise_params, if: :devise_controller?
  def configure_devise_params
    devise_parameter_sanitizer.for(:sign_up) do |u|
      u.permit(:first_name, :last_name, :gender, :email, :password, :password_confirmation)