Ruby-on-rails 添加自定义参数以设计注册 - 不允许的参数
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/42572124/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Adding custom parameters to devise registration - unpermitted parameters
提问by Bogdan Daniel
I've been trying to customize the devise register method to register with more parameters and also update more(no luck so far), but I always get Unpermitted parameters:error. I tried using this Adding extra registration fields with Deviseand https://github.com/plataformatec/devise#strong-parameters, but I cant get over that.
我一直在尝试自定义设计注册方法以注册更多参数并更新更多(到目前为止没有运气),但我总是遇到Unpermitted parameters:错误。我尝试使用此添加额外的注册字段与 Devise和https://github.com/plataformatec/devise#strong-parameters,但我无法克服。
I've also thought about creating a new table to hold a foreign key the user id and put in there stuff like user_id, display_name, profile_picture, but I would have the same problem when trying to submit everything from the same page(mess with the devise controller).
我还考虑过创建一个新表来保存用户 id 的外键并将其放入其中user_id, display_name, profile_picture,但在尝试从同一页面提交所有内容时会遇到同样的问题(与设计控制器混乱)。
Do you have any suggestions on how I can solve this? What else do I have to post?
你对我如何解决这个问题有什么建议吗?我还需要发布什么?
routes.rb
路由文件
devise_for :users, controllers: { registrations: 'users/registrations' }
users/regC
用户/注册中心
def create
build_resource(registration_params)
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
respond_with resource, :location => after_sign_up_path_for(resource)
end
else
clean_up_passwords
respond_with resource
end
end
private
def registration_paramss
params.require(:user).permit(:email, :display_name, :terms_of_services, :profile, :password, :password_confirmation)
end
回答by gkats
Looks like you just need to tell devise which parameters should be permitted. By default, devise permits the email (or username depending on configuration), password and password_confirmation params. You just need to add more.
看起来您只需要告诉设计应该允许哪些参数。默认情况下,devise 允许使用电子邮件(或用户名,取决于配置)、密码和 password_confirmation 参数。你只需要添加更多。
The devise documentationsuggests a "lazy way" of setting this up.
该色器件文档建议设置此功能的“懒办法”。
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:display_name])
end
end
The documentation then says that
然后文档说
If you have nested attributes (say you're using
accepts_nested_attributes_for), then you will need to tell devise about those nestings and types.
如果您有嵌套属性(假设您正在使用
accepts_nested_attributes_for),那么您将需要告诉设计这些嵌套和类型。
Only if you need to override the registrations#createaction you should provide your custom route for devise. In that case, make sure you override the sign_up_paramsmethod too.
仅当您需要覆盖registrations#create操作时,您才应该为设计提供自定义路由。在这种情况下,请确保您也覆盖该sign_up_params方法。
class Users::RegistrationsController < Devise::RegistrationsController
def create
# Your custom code here. Make sure you copy devise's functionality
end
private
# Notice the name of the method
def sign_up_params
params.require(:user).permit(:display_name, :email, :password, :password_confirmation)
end
end
In essence, you'd have to look into how your sign up form is posting the parameters to figure out how to configure strong parameters in the controller. Make sure you read on strong parameterssyntax as well.
本质上,您必须查看您的注册表单如何发布参数,以找出如何在控制器中配置强参数。确保你也阅读了强参数语法。
Hope it helps!
希望能帮助到你!
回答by Jbur43
For Devise 4.2.0 you can whitelist additional parameters for your users table by adding those values to keys. By default devise gives you the comment to go off of now. Below I added :avatar
对于设计 4.2.0,您可以通过将这些值添加到键来将用户表的其他参数列入白名单。默认情况下,设计会为您提供立即关闭的评论。下面我加了:avatar
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute, :avatar])
end
回答by Coding Enthusiast
The accepted answer says the config should go in your applicationController but it can simply go in your user registration controller and you can specify that you only want to run it for create method and nothing else:
接受的答案说配置应该放在你的 applicationController 中,但它可以简单地放在你的用户注册控制器中,你可以指定你只想为 create 方法运行它,而不是别的:
class Users::RegistrationsController < Devise::RegistrationsController
before_action :configure_sign_up_params, only: [:create]
protected
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:enter_param_name_here])
end
end
回答by Nezir
In my case this worked:
在我的情况下,这有效:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:account_update) { |u| u.permit(:name, :last_name, :image,:email, :password, :password_confirmation, :current_password) }
end
end
