سؤال
I have upgraded to Rails 4 and have gone the strong_parameters route. The problem is that it's throwing the following error pointing to the customer registrations controller I'm using for Devise:
https://stackoverflow.com/questions/16573447
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianActiveModel::ForbiddenAttributesError (ActiveModel::ForbiddenAttributesError):
app/controllers/users/registrations_controller.rb:89:in `build_resource'
app/controllers/users/registrations_controller.rb:6:in `create'
Line 6 is build_resource being called from the create method and build_resource is stock standard:
def build_resource(hash=nil)
hash ||= resource_params || {}
self.resource = resource_class.new_with_session(hash, session)
end
The model it is dealing with is User. I have tried Ryan Bates' approach of creating a permitted params class:
class PermittedParams < Struct.new(:params, :current_user)
def user
params.require(:user).permit(*user_attributes)
end
def user_attributes
[:name, :username, :provider, :email, :remember_me,
:rememberable_token, :password, :password_confirmation]
end
I'm not sure how to handle this in the registrations controller.
المحلول
Devise is just released a new rc gem which is compatible with Rails 4.
gem 'devise', '~> 3.0.0.rc'
Other option, you could use 'rails4' branch from devise master github repo.
gem 'devise', github: 'plataformatec/devise', branch: 'rails4'
And of course don't forget a 'bundle install' after Gemfile update.
نصائح أخرى
I found out you have to add this to the registrations controller:
class Users::RegistrationsController < Devise::RegistrationsController
def resource_params
params.require(:user).permit(:name, :email, :password, :password_confirmation) # And whatever other params you need
end
private :resource_params
end
