Rails 5，未定义的方法‘ for’用于 # < Devise on line design_reference_sanitizer. for

小开

最佳答案

According to the documentation:

The Parameter Sanitaizer API has changed for Devise 4

class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?


protected


def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end

小开

Don't forget devise_parameter_sanitizer.permit(:account_update, keys: [:username])

小开

If you just change the .for to .permit it works as well. For example:

devise_parameter_sanitizer.permit(:sign_up) { |u| u.permit({ roles: [] }, :email, :password, :password_confirmation, :username) }

It works in both Rails 4.2.x and Rails 5.0.x

小开

class ApplicationController < ActionController::Base


before_action :configure_permitted_paramters, if: :devise_controller?


protected
def configure_permitted_paramters


devise_parameter_sanitizer.permit(:sign_up, keys: [:fullname])


devise_parameter_sanitizer.permit(:account_update, keys: [:fullname,
:phone_number, :description, :email, :password])


end


end

小开

I think you missed account_update in your controller's configure_permitted_parameters method, you need to follow the devise pattern. Devise has a an account update page. You can find this in views/devise/registrations/edit.html.erb, and your code is also not going to work in the sign_up page, here you specified sign_up page

To update your user table, the minute you submit an update in your users/edit, or if you are submitting a username in the sign_up page you need to follow this devise pattern, to update the database User table. Even if you added a new column to the user table, you would have to add it to the configure_permitted_parameters method. In your case it's username, but you missed account_update as well. You're basically saying that you want to update the username or add the string to username field without following the Devise pattern. Any field you add to the User table should follow this Devise pattern. Also you can specify which page is permitted to update this username. In my example below, i'm using the devise update page. So like I said, even if you added a custom field name to Users table you need to follow this pattern. If you have another page where you need to add username, you would just do the same thing.

class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?


protected


def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
devise_parameter_sanitizer.permit(:account_update, keys: [:username])
end
end

Next make sure in your user.rb you have validate username in your User model.

class User < ApplicationRecord
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable


validates :username, presence: true
end

小开

To update your user table, the minute you submit an update in your users/edit, or if you are submitting a username in the sign_up page you need to follow this devise pattern, to update the database User table. Even if you added a new column to the user table, you would have to add it to the configure_permitted_parameters method. In your case it's username, but you missed account_update as well. You're basically saying that you want to update the username or add the string to username field without following the Devise pattern. Any field you add to the User table should follow this Devise pattern. Also you can specify which page is permitted to update this username. In my example below, i'm using the devise update page. So like I said, even if you added