I am using Rails 4 and Devise 3. I have added a custom field of "name." When I submit a name, I receive the "unpermitted parameters: name" and "can't mass assign protected attributes for User: email" errors.
I have been told to add code to a users controller, however Devise did not create one. Am I supposed to create a users_controller.rb on my own, or is there something I am missing here?
My User model looks like this:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable, #:recoverable,
:rememberable, :trackable, :validatable
#attr_accessible :name, :password, :password_confirmation, :remember_me, :email
end
As you can see, I have tried to use attr_accessible, but commented it out since it's not supported in Rails 4.
Devise uses its own controllers to process your data, so you'd ideally add your extra params to those controllers. However, there are a number of ways you can do it
From Devise's Github:
In case you want to permit additional parameters (the lazy way™) you can do with a simple before filter in your ApplicationController:
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
From Strong parameters with Rails and Devise
# config/routes.rb
devise_for :users, :controllers => {:registrations => 'registrations'}
# controllers/users/registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
before_filter :configure_permitted_parameters
protected
# my custom fields are :name, :heard_how
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:name, :heard_how,
:email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:name,
:email, :password, :password_confirmation, :current_password)
end
end
end