设计：未经许可参数

Question

我不知道为什么，但下面的代码只是停止工作（我甚至没有注意到它是怎么发生的）

的routes.rb

devise_for :users, components: {registrations: 'registrations', sessions: 'sessions'} 

registations_controller .RB

class RegistrationsController < Devise::RegistrationsController 
    before_filter :configure_permitted_parameters 

    def configure_permitted_parameters 
    devise_parameter_sanitizer.for(:sign_up).push(:name, :surname, :username, :email, :avatar) 
    devise_parameter_sanitizer.for(:account_update).push(:name, :surname, :email, :avatar) 
    end 

end 

正如我所说的，everyting工作过罚款，但现在我越来越：

Processing by Devise::RegistrationsController#create as HTML 
    Parameters: {"utf8"=>"✓", "authenticity_token"=>"lvuPOmTRqv6XUQ/O1g4Q9VNvzD7DgGCHocY/OlAvKHEIvWAHvlS982hxSZZzzAESCpmL5QTUcTLw/c9ME/sUFQ==", "user"=>{"name"=>"John", "surname"=>"Doe", "username"=>"foobar", "email"=>"foobar@example.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Register"} 
Unpermitted parameters: name, surname, email 

Cofiguration：

• 的Rails 4.2.5
• 设计3.5.6

PS：现在我finnaly明白我为什么要支付我的代码与单元测试和使用特拉维斯CI

Answer 1

我认为你应该尝试“configure_ allowed_pa​​rameters“方法而不是注册控制器。

class ApplicationController < ActionController::Base 

before_action :configure_permitted_parameters, if: :devise_controller? 

protected 

def configure_permitted_parameters 
    devise_parameter_sanitizer.for(:sign_up).push(:name, :surname,:username, :email, :avatar) 
    devise_parameter_sanitizer.for(:account_update).push(:name, :surname, :email, :avatar) 
end 
end 

Answer 2

for方法自4.1以来已被弃用。用这个代替：

class ApplicationController < ActionController::Base  
    before_action :configure_permitted_parameters, if: :devise_controller? 

    protected 

    def configure_permitted_parameters 
    attributes = [:name, :surname,:username, :email, :avatar] 
    devise_parameter_sanitizer.permit(:sign_up, keys: attributes) 
    devise_parameter_sanitizer.permit(:account_update, keys: attributes) 
    end 
end