ruby-on-rails devise attr-accessible

attr_accessible in rails 4


I'm doing the onemonth rails and I've got a problem with the attr_accessible function. I've installed it as a gem in rails 4 (gem 'protected_attributes') and am using it with the simple_form.

But the problem is that when I update my form with a name, it doesn't remember it! But it says it updated successfully??

This is my user.rb

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  attr_accessible :email, :password, :password_confirmation, :remember_me, :name
end

Solution

  • Since you are using Devise you can remove the entire attr_accessible line (and the strong_parameters gem, see more below). Devise provides a controller which handles sign-up for you already.

    If you want to add other attributes to your user you can subclass Devise::RegistrationsController with your custom controller:

    # app/controllers/registrations_controller.rb
    class RegistrationsController < Devise::RegistrationsController
    
      private
    
      def sign_up_params
        params.require(:user).permit(:name, :email, :password, :password_confirmation)
      end
    
      def account_update_params
        params.require(:user).permit(:name, :email, :password, :password_confirmation, :current_password)
      end
    end
    

    You then need to tell Devise to route to your custom controller:

    # config/routes.rb
    devise_for :users, :controllers => { registrations: 'registrations' }
    

    PS. I would also recommend removing the strong_parameters gem and using the out-of-the-box Rails 4 strong parameters. There are several known problems with whitelisting parameters on the model level (different params for different actions, for example).
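
The per-action allow-listing described in the answer, as an added example that is not part of the original answer and is not Rails or Devise code: a plain-Ruby stand-in (the hypothetical `ParamFilter` class) for the `require`/`permit` pattern, run over a constructed request. It shows why an allow-list without `:name` silently drops the field while the update still succeeds, and that an unlisted field such as `admin` never reaches the model.

```ruby
# Plain-Ruby stand-in for the require/permit pattern (hypothetical ParamFilter
# class, not ActionController::Parameters). Runs without Rails.
class ParamFilter
  class MissingParam < StandardError; end

  def initialize(raw)
    @raw = raw
  end

  # Like require: fail loudly when the expected top-level key is absent.
  def require(key)
    nested = @raw[key.to_s]
    raise MissingParam, "param is missing or empty: #{key}" if nested.nil? || nested.empty?
    ParamFilter.new(nested)
  end

  # Like permit: keep only allow-listed keys; also report what was dropped.
  def permit(*keys)
    allowed = keys.map(&:to_s)
    { permitted: @raw.slice(*allowed), dropped: @raw.keys - allowed }
  end
end

# Per-action allow-lists. The first two are the lists from the answer;
# update_without_name is constructed to reproduce the question's symptom.
ALLOW = {
  sign_up: %i[name email password password_confirmation],
  account_update: %i[name email password password_confirmation current_password],
  update_without_name: %i[email password password_confirmation current_password]
}.freeze

def filter_for(action, raw_params)
  ParamFilter.new(raw_params).require(:user).permit(*ALLOW.fetch(action))
end

# Constructed request body: a profile edit with an extra "admin" field added.
REQUEST = { "user" => { "name" => "Alice", "email" => "alice@example.com",
                        "current_password" => "s3cret", "admin" => "true" } }.freeze

if __FILE__ == $PROGRAM_NAME
  ALLOW.each_key do |action|
    result = filter_for(action, REQUEST)
    puts "#{action}: permitted=#{result[:permitted].keys} dropped=#{result[:dropped]}"
  end
end
```

Logging the dropped keys in development is a quick way to spot a field that a form submits but the controller never permits.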