I have this code in my application_controller.rb
before_filter :update_sanitized_params, if: :devise_controller?
before_filter :store_location
protect_from_forgery with: :exception
def update_sanitized_params
devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:email, :password, :password_confirmation, :role)}
devise_parameter_sanitizer.for(:sign_in) {|u| u.permit(:email, :password) }
end
but I still have validation errors from devise
Email can't be blank
Password can't be blank
Password can't be blank
Role is not included in the list
Devise was working fine few days ago I don't know what messed up with it I have added active_admin may be this created conflicts any help please??
Assuming that you are getting the validation errors while updating a User record.
def update_sanitized_params
devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:email, :password, :password_confirmation, :role)}
devise_parameter_sanitizer.for(:sign_in) {|u| u.permit(:email, :password) }
## Permit the attributes for account_update
devise_parameter_sanitizer.for(:account_update) {|u| u.permit(:email, :password, :password_confirmation, :role) }
end
You need to permit the attributes explicitly which you would like to be updated by specifying devise_parameter_sanitizer.for(:account_update) else they would not be passed to users table for updating.
I have solved the Problem by adding this line in user.rb
attr_accessible :email, :password, :role
and this works with gem " protected_attributes"
Related
i want sepearate layout for the devise sign in action.
i am using following code,in my application controller.
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
layout :layout_by_resource
def after_sign_in_path_for(resource)
stored_location_for(resource) ||
if resource.is_a?(User)
new_applicant_response_url
else
homepage_admin_page_path
end
end
protected
def layout_by_resource
if devise_controller?
"layout_name_for_devise"
else
"application"
end
end
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:assessment_id, :name, :email, :password, :password_confirmation, :remember_me) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :email, :password, :remember_me) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :email, :password, :password_confirmation, :current_password) }
end
end
and i generated the devise views and added some stylng to the devise sign in page.
when i click on devise/sign_in the following output i got in the terminal
Started GET "/admins/sign_in" for 127.0.0.1 at 2015-07-24 12:39:49 +0530
Processing by Devise::SessionsController#new as HTML
Rendered devise/shared/_links.html.erb (0.9ms)
Rendered devise/sessions/new.html.erb within layouts/layout_name_for_devise (6.9ms)
Completed 200 OK in 21ms (Views: 8.4ms | ActiveRecord: 1.0ms)
iam getting the layout properly for this devise sign in action. but in that layout devise sign_in form is not rendering,only layout is rendering.
Your layout probably does not call yield in it.
Hi am working on sample app where I am using devise for authentication.
I am adding following extra parameters while registration.
:first_name, :last_name, :mobile, :gender, :address
But I am getting following Unpermitted parameters: first_name, last_name, password_confirmation error while registering new user.
I refereed following links
Add Custom Field/Column to Devise with Rails 4
http://www.jacopretorius.net/2014/03/adding-custom-fields-to-your-devise-user-model-in-rails-4.html
But it didn't worked. Here is not code set
user.rb
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
validates_confirmation_of :password, :only => :create
end
I also implemented same in application controller but it didn't worked so I created separate
registration controller.
registration_controller.rb
class RegistrationsController < Devise::RegistrationsController
before_filter :configure_permitted_parameters
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:first_name, :last_name, :mobile, :gender, :address, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:name,
:email, :password, :password_confirmation, :current_password)
end
end
end
application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
private
def after_sign_in_path_for(resource)
user_landing_page
end
def user_landing_page
contact_us_path
end
end
devise/registration/new.html.haml
.container
.row
.col-sm-6.col-md-4.col-md-offset-4
%h1.text-center.login-title Create New Account
.account-wall
%img.profile-img{:alt => "", :src => "https://lh5.googleusercontent.com/-b0-k99FZlyE/AAAAAAAAAAI/AAAAAAAAAAA/eu7opA4byxI/photo.jpg?sz=120"}
= form_for(resource, as: resource_name, class: "form-signin input-medium", url: session_path(resource_name)) do |f|
= f.text_field :first_name, class: "form-control", placeholder: "First Name", autofocus: true
= f.text_field :last_name, class: "form-control", placeholder: "Last Name", autofocus: true
= f.email_field :email, class: "form-control", placeholder: "Email", autofocus: true
= f.password_field :password, class: "form-control", placeholder: "Password", autocomplete: "off"
= f.password_field :password_confirmation, class: "form-control", placeholder: "Confirm Password", autocomplete: "off"
= f.submit "Log in", class: "btn btn-lg btn-primary btn-block login-button"
development.log
Parameters: {"utf8"=>"✓", "authenticity_token"=>"pe7wBW3iWnn39p3nJAi8utbuECj+x8zX/pIxr/6sKbo=", "user"=>{"first_name"=>"first_name", "last_name"=>"last_name", "email"=>"admin#my.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Log in"}
Unpermitted parameters: first_name, last_name, password_confirmation
Rendered devise/sessions/new.html.haml within layouts/application (6.6ms)
Rendered layouts/_home_header.html.haml (1.2ms)
Completed 200 OK in 426ms (Views: 316.8ms | ActiveRecord: 0.0ms)
routes.rb
Rails.application.routes.draw do
root :to => 'landing#index'
devise_for :users, :controllers => {:registrations => "registrations"}
get '/about_us' => 'statics#about_us', as: :about_us
get '/contact_us' => 'statics#contact_us', as: :contact_us
end
can any one suggest what I am missing.
I am using Rails 4.1.4, ruby 2.1.2 and devise 3.4.1.
As per my understanding, you are registering new user. Here is your mistake
= form_for(resource, as: resource_name, class: "form-signin input-medium", url: session_path(resource_name)) do |f|
you are using session_path that means you are going to "Log In" not for "Sign Up". So change it
= form_for(resource, as: resource_name, class: "form-signin input-medium", url: registration_path(resource_name)) do |f|
Currently my application is using devise and my users are required to enter a password when updating their profile.
I am working on implementing an additional field to my user's table which remembers their sidebar navigational preference (expanded or collapsed). For testing, I setup a boolean field called "menu_collapsed" which is set to "false" by default.
I am trying to have this value updated to "true" remotely when the user decides to condense the sidebar menu.
Index
<li><%= link_to('Toggle', toggle_menu_preference_user_path(#user), :method => :put) %></li>
Routes
resources :users do
member { put :toggle_menu_preference }
end
Users Controller
def toggle_menu_preference
#user = current_user
#user.menu_collapsed = !#user.menu_collapsed
#user.save
end
Application Controller
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:first_name, :last_name, :email, :account_id, :account_name, :password, :password_confirmation) }
devise_parameter_sanitizer.for(:account_update).concat([:name])
end
When I click on the link, it will process the request but I hit a wall with Devise wanting the user to include their password.
Is there a way to by pass the requirement for a password just for this user attribute?
This seems to work like a charm!
Tested on local host as well as Heroku
Application Controller (added :menu_collapsed) to sanitizer
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:first_name, :last_name, :email, :account_id, :account_name, :password, :password_confirmation) }
devise_parameter_sanitizer.for(:account_update).concat([:name, :menu_collapsed])
end
Routes
resources :users do
member { put :toggle_menu_preference }
end
User Controller
def menu_preference
#user = current_user
#user.menu_collapsed = !#user.menu_collapsed
#user.save
if #user.menu_collapsed
render :nothing => true
else
render :nothing => true
end
end
View
<%= link_to menu_preference_user_path(current_user), id: "layout-condensed-toggle", remote: true do %>
<div class="iconset top-menu-toggle-dark"></div>
<% end %>
ever since i updated to rails 4 i've been struggeling with strong_params. I finaly tought i had it but now there seems to an unexpected_end some where. i think i overlook everything but it still seems to be wrong somewhere.
i'm very new to ruby on rails aswel.
user.rb
class User < ActiveRecord::Base
#attr_accessible :name, :email, :password, :password_confirmation
#attr_acessor :password
has_secure_password
before_save { self.email = email.downcase }
email_regex = /\A[\w+\-.]+#[a-z\d\-.]+\.[a-z]+\z/i
validates :nickname, :presence => true,
:length => { :maximum => 50 }
validates :email, :presence => true,
:uniqueness => { :case_sensitive => false },
:format => { :with => email_regex }
validates :password, :presence => true,
end
users_controller.rb
class UsersController < ApplicationController
def new
#title = "Sign Up"
#user = User.new
end
def show
#user = User.find(params[:id])
end
def create
#user = User.new(user_params)
if #user.save
redirect_to #user
else
render "new"
end
end
private
def user_params
params.require(:user).permit(:nickname, :email, :password, :password_confirmation )
end
end
As per the comment, i.e., i forgot the comma at the end validates :password, :presence => true, OP has resolved the issue. I am just posting it as an answer (not expecting credit for the same) so SO community knows that the question is complete and answered.
You have an extra comma at the end of validates :password, :presence => true, which is causing the error.
Removing that would resolve your issue.
validates :password, :presence => true
I can't understand why permit_params wont work with custom create action.
For example lets take basic AdminUser resource.
By default all is working fine. We have:
ActiveAdmin.register AdminUser do
permit_params :email, :password, :password_confirmation
form do |f|
f.inputs "Admin Details" do
f.input :email
f.input :password
f.input :password_confirmation
end
f.actions
end
end
But as soon we add custom create for some reasons permit_params wont work anymore.
ActiveAdmin.register AdminUser do
permit_params :email, :password, :password_confirmation
form do |f|
f.inputs "Admin Details" do
f.input :email
f.input :password
f.input :password_confirmation
end
f.actions
end
controller do
def create
AdminUser.create(params[:admin_user])
do_some_magic_stuff_here
redirect_to backend_admin_users_path, notice: 'Custom create'
end
end
end
I got error "ActiveModel::ForbiddenAttributesError" in line "AdminUser.create(params[:admin_user])"
Tried many possible solutions and only one worked for me, but i really don't like this:
def create
AdminUser.create(params[:admin_user].permit(:email, :password, :password_confirmation))
do_some_magic_stuff_here
redirect_to admin_admin_users_path, notice: 'Custom create'
end
I can't understand why i can't get to work default way as it should work:
def admin_user_params
params.require(:admin_user).permit(:email, :password, :password_confirmation)
end
Can someone explain me please what is happening here? Any nice way to have custom actions work with permit_params?
permit_params is just part of the AA DSL that defines a method called permitted_params, which in turn is called from the create and update actions. Try this:
permit_params :email, :password, :password_confirmation
controller do
def create
#admin_user = AdminUser.create(permitted_params)
do_some_magic_stuff_here
redirect_to backend_admin_users_path, notice: "Custom create"
end
end
permit_params is really just a simpler form of the old, but still valid way of enabling strong parameters:
controller do
def permitted_params
params.permit admin_user: [:email, :password, :password_confirmation]
end
end
Been struggling with the same problem here. The most strange thing is that it works on nitrous.io box but on my production server it doesn't. I've checked and I'm using the same rails 4.2.0 version.
Regards
Fak