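I am using geocoder to geolocate users and store the resulting value in the users table (in an attribute called user_country_name).
I am sure it has nothing to do with geocoder, but I simply cannot edit the country on the "user account" page.
I tried editing the email and password and it works, but the other custom fields I added, compared with the basic Devise form, do not.
I think I have done everything needed to update account attributes in Rails 4, but I have kept getting this error for 2 whole days!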
ActionController::UnpermittedParameters at /
found unpermitted parameters: user_country_name
Here is my user info edit form
<%= semantic_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put, :class => 'form-vertical' }) do |f| %>
  <%= f.semantic_errors %>
  <%= f.inputs do %>
    <%= f.input :email, :required => true %>
    <%= f.input :user_country_name,
      :as => :select,
      :collection => COUNTRIES, # sends to a constant I have with all countries
      :prompt => true
    %>
    <%= f.input :password, :input_html => { :autocomplete => "off" }, :hint => t("devise.registrations.edit_account_page.leave_blank_if_dont_want_to_change"), :required => false %>
    <%= f.input :password_confirmation, :required => false %>
  <% end %>
  <%= f.actions do %>
    <div>
      <%= f.action :submit, :label => t("devise.registrations.edit_account_page.update"), :button_html => { :class => 'btn-primary' } %>
    </div>
    <div class="half-right-small return-login">
      <%= link_to t("directions.back"), :back %>
    </div>
  <% end %>
<% end %>
Here is my application controller
class ApplicationController < ActionController::Base
  protect_from_forgery
  include CountrySetter # handle localization through ip lookup and the I18n used
  include LocaleSetter
  # handle Cancan authorization exception
  rescue_from CanCan::AccessDenied do |exception|
    exception.default_message = t("errors.application_controller_exception_messages.only_open_to_admin")
    if current_user # if it's user redirect to main HP
      redirect_to root_path, :alert => exception.message
    else
      redirect_to customerinterface_path, :alert=> exception.message
    end
  end
  before_filter :configure_permitted_parameters, if: :devise_controller?
  private
  before_filter :authenticate_user_from_token!
  before_filter :authenticate_customer_from_token!
  def authenticate_user_from_token!
    user_email = params[:user_email].presence
    user = user_email && User.find_by_email(user_email)
    if user && Devise.secure_compare(user.authentication_token, params[:user_token])
      sign_in user, store: false # we are signing in user if it exists. sign_in is devise method to sign in any user
      redirect_to root_path # now we are redirecting the user to root_path i.e our homepage
    end
  end
  protected
  def configure_permitted_parameters
    [:sign_up, :account_update].each do |sanitize_me|
      devise_parameter_sanitizer.for(sanitize_me) do |u|
        u.permit(:email, :password, :password_confirmation, :user_country_name)
      end
    end
  end
  def devise_parameter_sanitizer
    if resource_class == User
      UserParameterSanitizer.new(User, :user, params)
    else # for customers
      CustomerParameterSanitizer.new(Customer, :customer, params)
    end
  end
end
And finally the Devise RegistrationsController:
class RegistrationsController < Devise::RegistrationsController
  def update
    # added for upgrade to Rails 4
    account_update_params = devise_parameter_sanitizer.sanitize(:account_update)
    # required for settings form to submit when password is left blank
    if account_update_params[:password].blank?
      account_update_params.delete("password")
      account_update_params.delete("password_confirmation")
    end
    @user = User.find(current_user.id)
    if @user.update(account_update_params) # Rails 4 .update introduced with same effect as .update_attributes
      set_flash_message :notice, :updated
      # Sign in the user bypassing validation in case his password changed
      sign_in @user, :bypass => true
      redirect_to after_update_path_for(@user)
    else
      render "edit"
    end
  end
  # for Rails 4 Strong Parameters
  def resource_params
    params.require(:user).permit(:email, :password, :password_confirmation, :current_password, :user_country_name)
  end
  private :resource_params
  # used to update user-country by ip lookup when user signs up and associate newly signed-up user with a country
  # source - stackoverflow.com/questions/24294169/devise-sign-up-how-to-save-an-attribute-without-having-a-form-field-for-it-ra
  protected
  def after_sign_up_path_for(resource)
    resource.update(user_country_name: set_country) #use concerns/CountrySetter loaded by ApplicationController
    root_path
  end
end
EDIT
In reply to some comments asking for the routes
MyApp::Application.routes.draw do
  # redundancy with below standard users 'root to' code. Goal: to easily be able to change
  # the page if decide one day that users should see a different page when they log in
  # used to be a bug- solved with: https://github.com/plataformatec/devise/issues/2393#issuecomment-17544388
  authenticated :user do
    root to: 'static_pages#home', as: :authenticated_root
  end
  # Homepage for unauthenticated users
  # used to be a bug- solved with: https://github.com/plataformatec/devise/issues/2393#issuecomment-17544388
  unauthenticated do
    root to: 'static_pages#home' # , as: :unauthenticated_root
  end
  # Routes for users
  devise_for :users,
    :token_authentication_key => 'authentication_key',
    :controllers => { confirmations: 'confirmations',
                      registrations: 'registrations',
                      sessions: 'sessions',
                      passwords: 'passwords',
                      unlocks: 'unlocks' },
    path: '', # inspired by Nitish solution to make devise urls custom (source: stackoverflow.com/questions/19889570/rails-devise-user-registration-route-post)
    path_names: { :sign_in => "signin",
                  :sign_out => "logout",
                  :sign_up => "signup" }
  resources :users
  # Routes for customers
  devise_for :customers,
    controllers: { registrations: 'customers/registrations', # inspired by stackoverflow.com/questions/20913157/devise-views-with-multiple-models
                   confirmations: 'customers/confirmations',
                   sessions: 'customers/sessions',
                   passwords: 'customers/passwords',
                   unlocks: 'customers/unlocks' },
    path: 'advertiser', # inspired by Nitish solution to make devise urls custom (source: stackoverflow.com/questions/19889570/rails-devise-user-registration-route-post)
    path_names: { :sign_in => "signin",
                  :sign_out => "logout",
                  :sign_up => "signup" }
  # Routes for the interface with reportings and private data for Customers
  # Customers interface HP can be accessed at /campaigns
  match '/customerinterface',
    to: 'clientreporting_pages#index',
    path: 'campaigns',
    via: 'get'
  # Routes for all managed by Active Admin (deals creation, prizes creation...)
  devise_for :admin_users, ActiveAdmin::Devise.config
  ActiveAdmin.routes(self)
  # Static Pages
  match '/help', to: 'static_pages#help', path: 'help', via: 'get'
  match '/aboutus', to: 'static_pages#aboutus', path: 'about-us', via: 'get'
  match '/contact', to: 'static_pages#contact', via: 'get'
  match '/howitworks', to: 'static_pages#howitworks', path: 'about', via: 'get'
  match '/globalpresence', to: 'static_pages#globalpresence',path: 'global', via: 'get'
Here is the detailed log of the error I get in my local console
Started PUT "/" for 127.0.0.1 at 2014-10-08 19:55:50 +0200
Processing by RegistrationsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"geygeyegyegyegyegeykd7NwrVyAw=", "user"=>{"email"=>"emailtest@gmail.com", "user_country_name"=>"Germany", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"<span class="}
User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."id" = 457 ORDER BY "users"."id" ASC LIMIT 1
Completed 500 Internal Server Error in 7ms
ActionController::UnpermittedParameters - found unpermitted parameters: user_country_name:
actionpack (4.0.5) lib/action_controller/metal/strong_parameters.rb:372:in `unpermitted_parameters!'
actionpack (4.0.5) lib/action_controller/metal/strong_parameters.rb:270:in `permit'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:66:in `permit'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:58:in `account_update'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:77:in `default_sanitize'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:24:in `sanitize'
app/controllers/registrations_controller.rb:11:in `update'
actionpack (4.0.5) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
actionpack (4.0.5) lib/abstract_controller/base.rb:189:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/rendering.rb:10:in `process_action'
actionpack (4.0.5) lib/abstract_controller/callbacks.rb:18:in `block in process_action'
activesupport (4.0.5) lib/active_support/callbacks.rb:483:in `_run__3174996646979711185__process_action__callbacks'
activesupport (4.0.5) lib/active_support/callbacks.rb:80:in `run_callbacks'
actionpack (4.0.5) lib/abstract_controller/callbacks.rb:17:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
activesupport (4.0.5) lib/active_support/notifications.rb:159:in `block in instrument'
activesupport (4.0.5) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.0.5) lib/active_support/notifications.rb:159:in `instrument'
actionpack (4.0.5) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.0.5) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.0.5) lib/abstract_controller/base.rb:136:in `process'
actionpack (4.0.5) lib/abstract_controller/rendering.rb:44:in `process'
actionpack (4.0.5) lib/action_controller/metal.rb:195:in `dispatch'
actionpack (4.0.5) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.0.5) lib/action_controller/metal.rb:231:in `block in action'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:80:in `call'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:80:in `dispatch'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:48:in `call'
actionpack (4.0.5) lib/action_dispatch/routing/mapper.rb:44:in `call'
actionpack (4.0.5) lib/action_dispatch/journey/router.rb:71:in `block in call'
actionpack (4.0.5) lib/action_dispatch/journey/router.rb:59:in `each'
actionpack (4.0.5) lib/action_dispatch/journey/router.rb:59:in `call'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:674:in `call'
warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
warden (1.2.3) lib/warden/manager.rb:34:in `catch'
warden (1.2.3) lib/warden/manager.rb:34:in `call'
rack (1.5.2) lib/rack/etag.rb:23:in `call'
rack (1.5.2) lib/rack/conditionalget.rb:35:in `call'
rack (1.5.2) lib/rack/head.rb:11:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/flash.rb:241:in `call'
rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/cookies.rb:486:in `call'
activerecord (4.0.5) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.0.5) lib/active_record/connection_adapters/abstract/connection_pool.rb:626:in `call'
activerecord (4.0.5) lib/active_record/migration.rb:373:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.0.5) lib/active_support/callbacks.rb:373:in `_run__2636980444171422651__call__callbacks'
activesupport (4.0.5) lib/active_support/callbacks.rb:80:in `run_callbacks'
actionpack (4.0.5) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/reloader.rb:64:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
better_errors (1.1.0) lib/better_errors/middleware.rb:84:in `protected_app_call'
better_errors (1.1.0) lib/better_errors/middleware.rb:79:in `better_errors_call'
better_errors (1.1.0) lib/better_errors/middleware.rb:56:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.0.5) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.0.5) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.0.5) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.0.5) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.0.5) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.0.5) lib/rails/rack/logger.rb:20:in `call'
quiet_assets (1.0.2) lib/quiet_assets.rb:18:in `call_with_quiet_assets'
actionpack (4.0.5) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
rack (1.5.2) lib/rack/runtime.rb:17:in `call'
activesupport (4.0.5) lib/active_support/cache/strategy/local_cache.rb:83:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
railties (4.0.5) lib/rails/engine.rb:511:in `call'
railties (4.0.5) lib/rails/application.rb:97:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
rack (1.5.2) lib/rack/content_length.rb:14:in `call'
rack (1.5.2) lib/rack/handler/webrick.rb:60:in `service'
/home/me/.rvm/rubies/ruby-2.0.0-p451/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
/home/me/.rvm/rubies/ruby-2.0.0-p451/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
/home/me/.rvm/rubies/ruby-2.0.0-p451/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'
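EDIT #2
I tried everything you all suggested, but nothing worked. Then I tried one thing: I removed devise_parameter_sanitizer. And then it worked!! But should I / can I remove it without compromising the security of the app? Isn't this block important?
Here is the block I removed: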
def devise_parameter_sanitizer
  if resource_class == User
    UserParameterSanitizer.new(User, :user, params)
  else # for customers
    CustomerParameterSanitizer.new(Customer, :customer, params)
  end
end
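What does it tell me about the problem? Maybe it is an important clue to the real error, but I don't understand :)
Thanks a lot for your help!
Best answer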
Can you try this
Application controller
before_action :configure_permitted_parameters, if: :devise_controller?
and
Application controller
protected
def configure_permitted_parameters
  devise_parameter_sanitizer.for(:sign_up) << [your params]
  devise_parameter_sanitizer.for(:account_update) << [your params]
end
Registrations controller
<!-- REMOVE -->
# added for upgrade to Rails 4
account_update_params = devise_parameter_sanitizer.sanitize(:account_update)
# for Rails 4 Strong Parameters
def resource_params
  params.require(:user).permit(:email, :password, :password_confirmation, :current_password, :user_country_name)
end
private :resource_params
Let me know how this works for you; you seem to be declaring your permitted params several times in different places
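Added example (not part of the question or the answer, and not Devise's source): the stack trace in the question passes through `default_sanitize`, which is what happens when no custom permit block is found, and one cause consistent with that is the overridden `devise_parameter_sanitizer` building a fresh object on every call. `ToySanitizer`, the two controller classes and `outcome` are hypothetical plain-Ruby stand-ins that reproduce the effect and show that a memoized sanitizer accepts `user_country_name` while still rejecting keys outside the allow-list.

```ruby
# Constructed stand-ins, not Devise's source. As in Devise 3, a permit block
# registered with `for` is stored on the sanitizer INSTANCE.
class UnpermittedParameters < StandardError; end

class ToySanitizer
  DEFAULT_KEYS = %w[email password password_confirmation current_password].freeze
  def initialize(params)
    @params = params
    @blocks = {}
  end
  def for(kind, &block)
    @blocks[kind] = block
  end
  # Registered block's allow-list if present, else the default; extras raise
  # (assumes action_on_unpermitted_parameters = :raise, as in the question).
  def sanitize(kind)
    allowed = @blocks[kind] ? @blocks[kind].call : DEFAULT_KEYS
    extra = @params.keys - allowed
    raise UnpermittedParameters, "found unpermitted parameters: #{extra.join(', ')}" unless extra.empty?
    @params.select { |key, _| allowed.include?(key) }
  end
end

# Same shape as the override in the question: a NEW sanitizer on every call,
# so the block registered in step 1 is gone by the time step 2 sanitizes.
class UnmemoizedController
  CUSTOM_KEYS = %w[email password password_confirmation user_country_name].freeze
  def initialize(params)
    @params = params
  end
  def devise_parameter_sanitizer
    ToySanitizer.new(@params)
  end
  def update
    devise_parameter_sanitizer.for(:account_update) { CUSTOM_KEYS } # step 1
    devise_parameter_sanitizer.sanitize(:account_update)            # step 2
  end
end

# Memoized variant: configuration and sanitizing share one object.
class MemoizedController < UnmemoizedController
  def devise_parameter_sanitizer
    @devise_parameter_sanitizer ||= ToySanitizer.new(@params)
  end
end
SUBMITTED = { "email" => "emailtest@gmail.com", "user_country_name" => "Germany" }.freeze # constructed
def outcome(controller_class, params)
  controller_class.new(params).update
rescue UnpermittedParameters => e
  e.message
end
```

`outcome` returns the sanitized hash on success and the error message otherwise, so the two controllers can be compared on the same input.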
Regarding ruby-on-rails - Unable to edit a user's custom field (account update) in my Rails 4 app with Devise (Rails 4, devise 3, formtastic, geocoder), we found a similar question on Stack Overflow: https://stackoverflow.com/questions/26184495/