CODEWITHSUNDEEP
ruby-on-railsdeviseregistrationstrong-parameters
Gibson
Gibson

Reputation: 2085

Devise not saving parameters that are already sanitized in App Controller Rails 4

My registrations are working properly, I have 3 custom fields: name, avatar, avatar_cache.

Only the :name custom field is giving me a: Unpermitted parameters: name in console.

I already sanitized strong parameters in Application Controller and the avatar / avatar_cache are saving correctly. Am I missing something?

  def configure_permitted_parameters
  devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :password_confirmation) }
  end

  def configure_permitted_parameters
  devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :current_password, :password_confirmation) }
  end

Upvotes: 1

Views: 723

Answers (1)

Kirti Thorat
Kirti Thorat

Reputation: 53028

Currently, you have redefined the method configure_permitted_parameters, which is why Ruby is picking the latest method definition i.e., the one which whitelists attributes for account_update. So, when you try to sign_up with custom attribute name, you would receive

Unpermitted parameters: name warning

as because of the overwriting the method configure_permitted_parameters, devise has no idea about the custom attributes that should have been whitelisted for sign_up

Your configure_permitted_parameters method should look like:

class ApplicationController < ActionController::Base

  before_filter :configure_permitted_parameters, if: :devise_controller?
  ## ...

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :password_confirmation) }
    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :current_password, :password_confirmation) } 
  end
end

Upvotes: 3

Related Questions