Ruby on rails 设计强大的参数
我想知道如何集成这两个gem(designe+强参数),因为强参数可能会在4.0中添加到rails核心 欢迎任何帮助 感谢对Desive 4.x的更新Ruby on rails 设计强大的参数,ruby-on-rails,ruby,ruby-on-rails-3,devise,strong-parameters,Ruby On Rails,Ruby,Ruby On Rails 3,Devise,Strong Parameters,我想知道如何集成这两个gem(designe+强参数),因为强参数可能会在4.0中添加到rails核心 欢迎任何帮助 感谢对Desive 4.x的更新 class ApplicationController < ActionController::Base before_filter :configure_permitted_parameters, if: :devise_controller? protected def configure_permitted_param
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
devise_parameter_sanitizer.permit(:sign_in, keys: [:username])
devise_parameter_sanitizer.permit(:account_update, keys: [:username])
end
end
所需的更改将覆盖某些控制器。简单的方法是在应用程序控制器中添加一个简单的before筛选器。如果您有不同的角色和/或其他更复杂的场景,下面的链接上还有其他选项:
您也可以尝试使用此方法,因为它允许包含嵌套参数
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username,:phone])
# permit nested attributes
# devise_parameter_sanitizer.permit(:sign_up, keys:
# [:username,:phone,profile_attributes:[:firstname, :lastname]])
end
end
class ApplicationController
这将适用于rails 4和5 Desive,rails在我看来,下一个答案更好,因为它依赖Desive公共API,这将是因为我的答案来自一年多以前。我已经根据新的发展更新了答案。这个问题是世界有多小的一个完美例子,你用我自己的要点回答了我的问题。这个答案不再有效。你需要使用
design\u parameter\u消毒剂。许可证(:注册,密钥:[:用户名])
是的,这是一种新的方法。这个问题是在Desive没有在代码上实现强参数的那一天提出的。
include ActiveModel::ForbiddenAttributesProtection
before_filter :configure_sanitized_params, if: :devise_controller?
def configure_sanitized_params
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:firstname, :designation_id, :middlename, :previous_experiance_year, :previous_experiance_month, :lastname, :email, :username, :password, :password_confirmation, :previous_experiance, :empid, :dob, :timezone, :doj, :gender, :education, :comments, :locked, :deactivated, :reason, :phone, :deactivated_date, :image) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:remove_image, :firstname, :designation_id, :middlename, :lastname, :email, :username, :empid, :dob, :timezone, :doj, :gender, :education, :comments, :locked, :deactivated, :reason, :phone, :deactivated_date, :image) }
end
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username,:phone])
# permit nested attributes
# devise_parameter_sanitizer.permit(:sign_up, keys:
# [:username,:phone,profile_attributes:[:firstname, :lastname]])
end
end