Rails 5.1+ params.require(:post).permit(:files => {}) Rails 5 params.require(:post).tap do |whitelisted| whitelisted[:files] = params[:post][:files].permit! end Rails 4 and below params.require(:post).tap do |whitelisted| whitelisted[:files] = params[:post][:files] end
config/routes.rb Create your own registration controller like so … (see Devise documentation for the details of overriding controllers here …) … which is more elegant way as opposed to doing it via the ApplicationController devise_for :users, controllers: {registrations: ‘users/registrations’} app/controllers/users/registrations_controller.rb Override the new method to create a Profile associated with the User model as below … Read more
The only situation I have encountered where permitting arbitrary keys in a nested params hash seems reasonable to me is when writing to a serialized column. I’ve managed to handle it like this: class Post serialize :options, JSON end class PostsController < ApplicationController … def post_params all_options = params.require(:post)[:options].try(:permit!) params.require(:post).permit(:title).merge(:options => all_options) end end try … Read more
My other answer was mostly wrong – new answer. in your params hash, :filename is not associated with another hash, it is associated with an ActiveDispatch::Http::UploadedFile object. Your last code line: def screenshot_params params.require(:screenshot).permit(:title, assets_attributes: :filename) is actually correct, however, the filename attribute is not being allowed since it is not one of the permitted … Read more
Once again, it was a matter of reading the manual … The magic word is :account_update and thus the working version becomes def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname, :nickname) } devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation, :current_password, :firstname, :middlename, :lastname, :nickname) } end Note that if you’re in the business … Read more
As odd as it sound when you want to permit nested attributes you do specify the attributes of nested object within an array. In your case it would be Update as suggested by @RafaelOliveira params.require(:measurement) .permit(:name, :groundtruth => [:type, :coordinates => []]) On the other hand if you want nested of multiple objects then you … Read more
This https://github.com/rails/strong_parameters seems like the relevant section of the docs: The permitted scalar types are String, Symbol, NilClass, Numeric, TrueClass, FalseClass, Date, Time, DateTime, StringIO, IO, ActionDispatch::Http::UploadedFile and Rack::Test::UploadedFile. To declare that the value in params must be an array of permitted scalar values map the key to an empty array: params.permit(:id => []) In … Read more