我想在我的应用中使用Devise Invitable实现对现有用户的邀请。update_resource_params给出不允许的参数错误 - 设计应用
乍一看这失败了,因为Devise Invitable最适用于新用户 - 即未注册。
,但是这是我的User::InvitationsController
样子(截断简洁):
class Users::InvitationsController < Devise::InvitationsController
include ApplicationHelper
before_filter :configure_permitted_parameters, if: :devise_controller?
before_filter :update_sanitized_params, only: :update
# PUT /resource/invitation
def create
invited_user = User.where(email: params[:user][:email])
if !invited_user.empty?
invitation_token = Devise.token_generator.digest(resource_class, :invitation_token, update_resource_params[:invitation_token])
self.resource = resource_class.where(invitation_token: invitation_token).first
family_tree = self.resource.invited_by.family_tree
family_tree.memberships.create(:user_id => user.id, relation: update_resource_params[:relation])
resource.create_membership_both_ways(params[:user][:invitation_token], params[:user][:relation])
resource.skip_password = true
resource.update_attributes update_resource_params.except(:invitation_token)
redirect_to my_tree_path
else
super
end
end
protected
def update_sanitized_params
devise_parameter_sanitizer.for(:accept_invitation) do |u|
u.permit(:name, :password, :password_confirmation, :invitation_token, :invitation_relation,:avatar, :avatar_cache, :relation)
end
end
def update_resource_params
devise_parameter_sanitizer.sanitize(:accept_invitation) do |u|
u.permit(:email)
end
end
end
当我使用撬进行调试,这就是发生在我闲逛invitation_token
:
[1] pry(#<Users::InvitationsController>)> invitation_token
=> false
[2] pry(#<Users::InvitationsController>)> update_resource_params
Unpermitted parameters: email
=> {"name"=>"", "invitation_relation"=>"uncle"}
思考关于什么可能导致这种情况,或者我如何摆脱这种unpermitted paramters :email
问题?
编辑1
这些都是相关的路线:
devise_for :users, :controllers => { :invitations => 'users/invitations', :confirmations => 'confirmations' }
devise_scope :user do
post "users/invitation/sign_in" => "users/invitations#invite_sign_in"
end
编辑2
在我application_controller.rb
我有我添加:email
的方法,它似乎已停止那个错误:
def configure_permitted_parameters
# Once I added :email to this method, it stopped throwing the unpermitted error
devise_parameter_sanitizer.for(:accept_invitation) do |u|
u.permit(:name, :email, :last_name, :invitation_relation)
end
end
IM一个假设你有这样的事情这在你的路线:controllers => {:invitations =>“invitations”} – Richlewis 2014-10-07 07:04:36
也这样做的帮助https://github.com/scambra/devise_invitable/wiki/Devise-Invitable-with-Strong-Parameters – Richlewis 2014-10-07 07:10:18
@Richlewis我更新与我的路线文件信息的问题,但你是对的。我在我的路线文件中有。重新链接...所以确切的代码片段根本没有帮助 - 只是试了一下。至少,方法名称是不同的,所以除非'update_resource_params'调用'resource_params',否则我看不出它会有什么帮助。除此之外,它似乎是我在那里的Rails 3版本,但功能不那么强大。我错了吗? – marcamillion 2014-10-07 08:30:34