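I'm using geocoder to geolocate users and I store the value I obtain in the users table (in an attribute called user_country_name).
I'm sure it has nothing to do with geocoder, but I simply can't edit the country on the "user account" page.
I tried editing the email and password and that works, but the other custom fields I added on top of the basic Devise form do not.
I think I have done everything needed to update account attributes in Rails 4, but for 2 full days I keep getting this error!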
ActionController::UnpermittedParameters at /
found unpermitted parameters: user_country_name
Here is my user info edit form:
<%= semantic_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put, :class => 'form-vertical' }) do |f| %>
  <%= f.semantic_errors %>
  <%= f.inputs do %>
    <%= f.input :email, :required => true %>
    <%= f.input :user_country_name,
                :as => :select,
                :collection => COUNTRIES, # sends to a constant I have with all countries
                :prompt => true
    %>
    <%= f.input :password, :input_html => { :autocomplete => "off" }, :hint => t("devise.registrations.edit_account_page.leave_blank_if_dont_want_to_change"), :required => false %>
    <%= f.input :password_confirmation, :required => false %>
  <% end %>
  <%= f.actions do %>
    <div>
      <%= f.action :submit, :label => t("devise.registrations.edit_account_page.update"), :button_html => { :class => 'btn-primary' } %>
    </div>
    <div class="half-right-small return-login">
      <%= link_to t("directions.back"), :back %>
    </div>
  <% end %>
<% end %>
Here is my ApplicationController:
class ApplicationController < ActionController::Base
  protect_from_forgery
  include CountrySetter # handle localization through ip lookup and the I18n used
  include LocaleSetter

  # handle Cancan authorization exception
  rescue_from CanCan::AccessDenied do |exception|
    exception.default_message = t("errors.application_controller_exception_messages.only_open_to_admin")
    if current_user # if it's user redirect to main HP
      redirect_to root_path, :alert => exception.message
    else
      redirect_to customerinterface_path, :alert=> exception.message
    end
  end

  before_filter :configure_permitted_parameters, if: :devise_controller?

  private

  before_filter :authenticate_user_from_token!
  before_filter :authenticate_customer_from_token!

  def authenticate_user_from_token!
    user_email = params[:user_email].presence
    user = user_email && User.find_by_email(user_email)
    if user && Devise.secure_compare(user.authentication_token, params[:user_token])
      sign_in user, store: false # we are signing in user if it exists. sign_in is devise method to sign in any user
      redirect_to root_path # now we are redirecting the user to root_path i.e our homepage
    end
  end

  protected

  def configure_permitted_parameters
    [:sign_up, :account_update].each do |sanitize_me|
      devise_parameter_sanitizer.for(sanitize_me) do |u|
        u.permit(:email, :password, :password_confirmation, :user_country_name)
      end
    end
  end

  def devise_parameter_sanitizer
    if resource_class == User
      UserParameterSanitizer.new(User, :user, params)
    else # for customers
      CustomerParameterSanitizer.new(Customer, :customer, params)
    end
  end
end
And finally the Devise RegistrationsController:
class RegistrationsController < Devise::RegistrationsController
  def update
    # added for upgrade to Rails 4
    account_update_params = devise_parameter_sanitizer.sanitize(:account_update)
    # required for settings form to submit when password is left blank
    if account_update_params[:password].blank?
      account_update_params.delete("password")
      account_update_params.delete("password_confirmation")
    end
    @user = User.find(current_user.id)
    if @user.update(account_update_params) # Rails 4 .update introduced with same effect as .update_attributes
      set_flash_message :notice, :updated
      # Sign in the user bypassing validation in case his password changed
      sign_in @user, :bypass => true
      redirect_to after_update_path_for(@user)
    else
      render "edit"
    end
  end

  # for Rails 4 Strong Parameters
  def resource_params
    params.require(:user).permit(:email, :password, :password_confirmation, :current_password, :user_country_name)
  end
  private :resource_params

  # used to update user-country by ip lookup when user signs up and associate newly signed-up user with a country
  # source - stackoverflow.com/questions/24294169/devise-sign-up-how-to-save-an-attribute-without-having-a-form-field-for-it-ra
  protected

  def after_sign_up_path_for(resource)
    resource.update(user_country_name: set_country) #use concerns/CountrySetter loaded by ApplicationController
    root_path
  end
end
EDIT
In response to some comments asking about routes:
MyApp::Application.routes.draw do
  # redundancy with below standard users 'root to' code. Goal: to easily be able to change
  # the page if decide one day that users should see a different page when they log in
  # used to be a bug- solved with: https://github.com/plataformatec/devise/issues/2393#issuecomment-17544388
  authenticated :user do
    root to: 'static_pages#home', as: :authenticated_root
  end

  # Homepage for unauthenticated users
  # used to be a bug- solved with: https://github.com/plataformatec/devise/issues/2393#issuecomment-17544388
  unauthenticated do
    root to: 'static_pages#home' # , as: :unauthenticated_root
  end

  # Routes for users
  devise_for :users,
    :token_authentication_key => 'authentication_key',
    :controllers => { confirmations: 'confirmations',
                      registrations: 'registrations',
                      sessions: 'sessions',
                      passwords: 'passwords',
                      unlocks: 'unlocks' },
    path: '', # inspired by Nitish solution to make devise urls custom (source: stackoverflow.com/questions/19889570/rails-devise-user-registration-route-post)
    path_names: { :sign_in => "signin",
                  :sign_out => "logout",
                  :sign_up => "signup" }
  resources :users

  # Routes for customers
  devise_for :customers,
    controllers: { registrations: 'customers/registrations', # inspired by stackoverflow.com/questions/20913157/devise-views-with-multiple-models
                   confirmations: 'customers/confirmations',
                   sessions: 'customers/sessions',
                   passwords: 'customers/passwords',
                   unlocks: 'customers/unlocks' },
    path: 'advertiser', # inspired by Nitish solution to make devise urls custom (source: stackoverflow.com/questions/19889570/rails-devise-user-registration-route-post)
    path_names: { :sign_in => "signin",
                  :sign_out => "logout",
                  :sign_up => "signup" }

  # Routes for the interface with reportings and private data for Customers
  # Customers interface HP can be accessed at /campaigns
  match '/customerinterface',
    to: 'clientreporting_pages#index',
    path: 'campaigns',
    via: 'get'

  # Routes for all managed by Active Admin (deals creation, prizes creation...)
  devise_for :admin_users, ActiveAdmin::Devise.config
  ActiveAdmin.routes(self)

  # Static Pages
  match '/help', to: 'static_pages#help', path: 'help', via: 'get'
  match '/aboutus', to: 'static_pages#aboutus', path: 'about-us', via: 'get'
  match '/contact', to: 'static_pages#contact', via: 'get'
  match '/howitworks', to: 'static_pages#howitworks', path: 'about', via: 'get'
  match '/globalpresence', to: 'static_pages#globalpresence', path: 'global', via: 'get'
Here is the detailed log of the error I get in my local console:
Started PUT "/" for 127.0.0.1 at 2014-10-08 19:55:50 +0200
Processing by RegistrationsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"geygeyegyegyegyegeykd7NwrVyAw=", "user"=>{"email"=>"emailtest@gmail.com", "user_country_name"=>"Germany", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"<span class="}
User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."id" = 457 ORDER BY "users"."id" ASC LIMIT 1
Completed 500 Internal Server Error in 7ms
ActionController::UnpermittedParameters - found unpermitted parameters: user_country_name:
actionpack (4.0.5) lib/action_controller/metal/strong_parameters.rb:372:in `unpermitted_parameters!'
actionpack (4.0.5) lib/action_controller/metal/strong_parameters.rb:270:in `permit'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:66:in `permit'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:58:in `account_update'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:77:in `default_sanitize'
devise (3.2.4) lib/devise/parameter_sanitizer.rb:24:in `sanitize'
app/controllers/registrations_controller.rb:11:in `update'
actionpack (4.0.5) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
actionpack (4.0.5) lib/abstract_controller/base.rb:189:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/rendering.rb:10:in `process_action'
actionpack (4.0.5) lib/abstract_controller/callbacks.rb:18:in `block in process_action'
activesupport (4.0.5) lib/active_support/callbacks.rb:483:in `_run__3174996646979711185__process_action__callbacks'
activesupport (4.0.5) lib/active_support/callbacks.rb:80:in `run_callbacks'
actionpack (4.0.5) lib/abstract_controller/callbacks.rb:17:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
activesupport (4.0.5) lib/active_support/notifications.rb:159:in `block in instrument'
activesupport (4.0.5) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.0.5) lib/active_support/notifications.rb:159:in `instrument'
actionpack (4.0.5) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.0.5) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.0.5) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.0.5) lib/abstract_controller/base.rb:136:in `process'
actionpack (4.0.5) lib/abstract_controller/rendering.rb:44:in `process'
actionpack (4.0.5) lib/action_controller/metal.rb:195:in `dispatch'
actionpack (4.0.5) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.0.5) lib/action_controller/metal.rb:231:in `block in action'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:80:in `call'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:80:in `dispatch'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:48:in `call'
actionpack (4.0.5) lib/action_dispatch/routing/mapper.rb:44:in `call'
actionpack (4.0.5) lib/action_dispatch/journey/router.rb:71:in `block in call'
actionpack (4.0.5) lib/action_dispatch/journey/router.rb:59:in `each'
actionpack (4.0.5) lib/action_dispatch/journey/router.rb:59:in `call'
actionpack (4.0.5) lib/action_dispatch/routing/route_set.rb:674:in `call'
warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
warden (1.2.3) lib/warden/manager.rb:34:in `catch'
warden (1.2.3) lib/warden/manager.rb:34:in `call'
rack (1.5.2) lib/rack/etag.rb:23:in `call'
rack (1.5.2) lib/rack/conditionalget.rb:35:in `call'
rack (1.5.2) lib/rack/head.rb:11:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/flash.rb:241:in `call'
rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/cookies.rb:486:in `call'
activerecord (4.0.5) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.0.5) lib/active_record/connection_adapters/abstract/connection_pool.rb:626:in `call'
activerecord (4.0.5) lib/active_record/migration.rb:373:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.0.5) lib/active_support/callbacks.rb:373:in `_run__2636980444171422651__call__callbacks'
activesupport (4.0.5) lib/active_support/callbacks.rb:80:in `run_callbacks'
actionpack (4.0.5) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/reloader.rb:64:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
better_errors (1.1.0) lib/better_errors/middleware.rb:84:in `protected_app_call'
better_errors (1.1.0) lib/better_errors/middleware.rb:79:in `better_errors_call'
better_errors (1.1.0) lib/better_errors/middleware.rb:56:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.0.5) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.0.5) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.0.5) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.0.5) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.0.5) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.0.5) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.0.5) lib/rails/rack/logger.rb:20:in `call'
quiet_assets (1.0.2) lib/quiet_assets.rb:18:in `call_with_quiet_assets'
actionpack (4.0.5) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
rack (1.5.2) lib/rack/runtime.rb:17:in `call'
activesupport (4.0.5) lib/active_support/cache/strategy/local_cache.rb:83:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
railties (4.0.5) lib/rails/engine.rb:511:in `call'
railties (4.0.5) lib/rails/application.rb:97:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
rack (1.5.2) lib/rack/content_length.rb:14:in `call'
rack (1.5.2) lib/rack/handler/webrick.rb:60:in `service'
/home/me/.rvm/rubies/ruby-2.0.0-p451/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
/home/me/.rvm/rubies/ruby-2.0.0-p451/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
/home/me/.rvm/rubies/ruby-2.0.0-p451/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'
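EDIT #2
I tried everything you guys suggested but nothing worked. Then I tried one thing: I removed devise_parameter_sanitizer. And then it worked!! But should/can I remove it without harming the security of my app? Isn't this block important?
Here is the block I removed: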
def devise_parameter_sanitizer
  if resource_class == User
    UserParameterSanitizer.new(User, :user, params)
  else # for customers
    CustomerParameterSanitizer.new(Customer, :customer, params)
  end
end
What does this tell me about the problem? Maybe it's an important clue to the real bug, but I don't understand it :)
Thanks a lot for your help!
Best answer
Can you try this:
ApplicationController
before_action :configure_permitted_parameters, if: :devise_controller?
and
ApplicationController
protected

def configure_permitted_parameters
  devise_parameter_sanitizer.for(:sign_up) << [your params]
  devise_parameter_sanitizer.for(:account_update) << [your params]
end
RegistrationsController
<!-- REMOVE -->
# added for upgrade to Rails 4
account_update_params = devise_parameter_sanitizer.sanitize(:account_update)

# for Rails 4 Strong Parameters
def resource_params
  params.require(:user).permit(:email, :password, :password_confirmation, :current_password, :user_country_name)
end
private :resource_params
Let me know how this works for you; you seem to be declaring your permitted params several times in different places.
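An added illustration (not code from the question, the answer or Devise itself): a simplified model of how permits registered in `configure_permitted_parameters` are lost when an overridden `devise_parameter_sanitizer` builds a new object on every call, which is consistent with the `default_sanitize` frame in the stack trace above. `ToySanitizer`, `FreshEachCall`, `Memoized`, `try_update` and `FORM` are hypothetical names, and the form input is constructed.

```ruby
# Simplified stand-in for a per-request parameter sanitizer (not Devise's code).
class ToySanitizer
  DEFAULTS = { account_update: %w[email password password_confirmation] }.freeze

  def initialize(params)
    @params = params
    @extra = Hash.new { |h, k| h[k] = [] }
  end

  # Register additional allowed keys for one action on THIS instance only.
  def allow(kind, *keys)
    @extra[kind].concat(keys.map(&:to_s))
    self
  end

  # Strict allowlist: raise on any submitted key that was not permitted.
  def sanitize(kind)
    allowed = DEFAULTS.fetch(kind) + @extra[kind]
    rejected = @params.keys - allowed
    raise ArgumentError, "found unpermitted parameters: #{rejected.join(', ')}" unless rejected.empty?
    @params.dup
  end
end

# Hypothetical controller whose accessor builds a new sanitizer on every call,
# like the overridden devise_parameter_sanitizer in the question.
class FreshEachCall
  def initialize(params); @params = params; end
  def sanitizer; ToySanitizer.new(@params); end
  def configure; sanitizer.allow(:account_update, :user_country_name); end

  def update
    configure                            # permit lands on a throwaway instance
    sanitizer.sanitize(:account_update)  # a second instance with defaults only
  end
end

# Same controller, but the accessor memoizes one instance per request.
class Memoized < FreshEachCall
  def sanitizer; @sanitizer ||= ToySanitizer.new(@params); end
end

# Returns the sanitized hash, or the error message when a key is rejected.
def try_update(controller_class, params)
  controller_class.new(params).update
rescue ArgumentError => e
  e.message
end

FORM = { "email" => "a@example.test", "user_country_name" => "Germany" }.freeze # constructed input
```

With the memoized accessor the allowlist still rejects any key that was never permitted, so keeping a single sanitizer instance does not weaken the mass-assignment protection.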
Regarding ruby-on-rails - Can't edit custom fields of a user (account update) in my Rails 4 app with Devise (Rails 4, devise 3, formtastic, geocoder), a similar question was found on Stack Overflow: https://stackoverflow.com/questions/26184495/