Rails 4.0 with Devise. Nested attributes Unpermited parameters

by

config/routes.rb

Create your own registration controller like so … (see Devise documentation for the details of overriding controllers here …) … which is more elegant way as opposed to doing it via the ApplicationController

devise_for :users, controllers: {registrations: 'users/registrations'}

app/controllers/users/registrations_controller.rb

Override the new method to create a Profile associated with the User model as below … run the configure_permitted_parameters method before to sanitize the parameters (note how to add nested parameters)

class Users::RegistrationsController < Devise::RegistrationsController

  before_filter :configure_permitted_parameters

  # GET /users/sign_up
  def new

    # Override Devise default behaviour and create a profile as well
    build_resource({})
    resource.build_profile
    respond_with self.resource
  end

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) { |u|
      u.permit(:email, :password, :password_confirmation, :profile_attributes => :fullname)
    }
  end
end

db/migrate/xxxxxxxxxxxxxx_create_profiles.rb

This is the migration that generates the Profile model (note the reference to User) … this example profile only keeps fullname as an extension of the User but feel free to add as you wish!

class CreateProfiles < ActiveRecord::Migration
  def change
    create_table :profiles do |t|
       t.references :user
       t.string :fullname
       t.timestamps
    end
  end
end

app/models/user.rb

class User < ActiveRecord::Base

  # Associations
  has_one :profile, dependent: :destroy, autosave: true

  # Allow saving of attributes on associated records through the parent,
  # :autosave option is automatically enabled on every association
  accepts_nested_attributes_for :profile

  # Devise
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable
end

app/models/profile.rb

class Profile < ActiveRecord::Base

  # Associations
  belongs_to :user

  # Validations
  validates :fullname, presence: true
end

app/views/devise/registrations/new.html

<% resource.build_profile if resource.profile.nil? %>
<%= form_for(resource, :as => resource_name,
                       :url => registration_path(resource_name)) do |f| %>
  <ul>

    <%= devise_error_messages! %>

    <li class="fullname">
      <%= f.fields_for :profile do |profile_fields| %>
        <%= profile_fields.label :fullname %>
        <%= profile_fields.text_field :fullname %>
      <% end %>
    </li>
    <li class="email">
      <%= f.label :email %>
      <%= f.email_field :email, :autofocus => true %>
    </li>
    <li class="password">
      <%= f.label :password %>
      <%= f.password_field :password %>
    </li>
    <li class="password">
      <%= f.label :password_confirmation %>
      <%= f.password_field :password_confirmation %>
    </li>
    <li>
      <%= f.submit %>
    </li>
    <li>
      <p><%= render "devise/shared/links" %></p>
    </li>
  </ul>
<% end %>

More Related Contents:

  1. Rails – Strong Parameters – Nested Objects
  2. Override devise registrations controller
  3. Share session (cookies) between subdomains in Rails?
  4. Rails nested form with has_many :through, how to edit attributes of join model?
  5. rails – Devise – Handling – devise_error_messages
  6. Devise redirect after login fail
  7. devise and multiple “user” models
  8. Devise Secret Key was not set
  9. accepts_nested_attributes_for with belongs_to polymorphic
  10. Custom authentication strategy for devise
  11. Heroku/devise – Missing host to link to! Please provide :host parameter or set default_url_options[:host]
  12. How do I set up email confirmation with Devise?
  13. Rails, Devise authentication, CSRF issue
  14. How to sign in a user using Devise from a Rails console?
  15. Getting fields_for and accepts_nested_attributes_for to work with a belongs_to relationship
  16. Heroku not sending email with Gmail SMTP
  17. Devise update user without password
  18. Rails 4.0 Strong Parameters nested attributes with a key that points to a hash
  19. Adding extra registration fields with Devise
  20. Rails has_many through form with checkboxes and extra field in the join model
  21. where is devise implementation of “authenticate_user!” method?
  22. Rails Devise: after_confirmation
  23. rails 3 + devise: how to modify the mailer method for confirmation emails to add user’s second email address
  24. Rails devise: user_signed_in? not working
  25. Always getting 401 Unauthorized with new install of Rails + Devise
  26. Customizing Devise error messages in Rails 3?
  27. Rails4: How to permit a hash with dynamic keys in params?
  28. ActionController::InvalidAuthenticityToken in RegistrationsController#create
  29. Ruby/Rails: How do you customize the mailer templates of Devise?
  30. How to skip a before_filter for Devise’s SessionsController?

Leave a Comment