Devise NoMethodError 'for' ParameterSanitizer
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :email])
devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name, :phone, :email, bank_attributes: [:bank_name, :bank_account]])
end
end
"The .for method is deprecated in 4.1 +
The first arg is the action name. :sign_up is for creating new Devise resources (such as users), and :account_update is for editing/updating the resource.
The second arg, :keys contains an array of the parameters you allow.
If you want nested_attributes, there is an example in :account_update, you put a separate array in with the key being _attributes."
Rails 5, Undefined method `for' for #Devise on line devise_parameter_sanitizer.for
According to the documentation:
The Parameter Sanitaizer API has changed for Devise 4
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end
NoMethodError: private method `permit' called for #Devise::ParameterSanitizer
Try
def configure_devise_permitted_parameters
registration_params = [:name , :account,:first_name, :last_name]
if params[:action] == 'create'
devise_parameter_sanitizer.for(:sign_up) do
|u| u.permit(registration_params)
end
end
end
This may help you
Devise Parameter Sanitizer For Method Not Found Rails 5
The .for method is deprecated, from devise 4.1+ .permit method is available
Try .permit.
It should work.
devise_parameter_sanitizer.permit(:my_action) { |u| u.permit(..) }
Hope this will help you :)
How to specify devise_parameter_sanitizer for edit action?
Once again, it was a matter of reading the manual ...
The magic word is :account_update
and thus the working version becomes
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname, :nickname) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation, :current_password, :firstname, :middlename, :lastname, :nickname) }
end
Note that if you're in the business of signing in using non-standard parameters, the word you're looking for is :sign_in
(as expected).
Error while adding username to my rails web app(devise gem)
Try
devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
And as @J.D. mentioned, use before_action
rather than before_filter
.
Devise Parameter Sanitizer not working with Cucumber / Capybara / Rspec
Dropped devise back to v3.5.9 and that seemed to make it go away.
Happy to hear advice on what to do with devise 4+.
Rails 4 + Custom Devise attributes -- ParameterSanitizer Error
When the User class is modified and auto-reloaded in development mode, the User::ParameterSanitizer constant is destroyed. But User::ParameterSanitizer is only created when its source file is require
'd in your sanitizers initializer.
Rename User::ParameterSanitizer
to UserParameterSanitizer
and you should be fine.
Devise - overriding ParameterSanitizer
In this initialize
method you save the params
as an instance variables @params
so in your method you should do:
class Employer::ParameterSanitizer < Devise::ParameterSanitizer
def initialize(*)
super
@params.permit(:sign_up, keys: [:forename, :surname, :username])
end
also I believe this should work without specifying @params
Explanation
to find the solution to this problem check the devise api
to better understand the methods you are calling and read the `Devise::ParameterSanitizer source code
I am quoting their ruby-rocs about the #permit()
method
Instance Method Details
#permit(action, keys: nil, except: nil, &block) ⇒ Object
Add or remove new parameters to the permitted list of an action.
Arguments
action
- A Symbol with the action that the controller is performing, likesign_up
,sign_in
, etc.
keys
: - An Array of keys that also should be permitted.
except
: - An Array of keys that shouldn't be permitted.
block
- A block that should be used to permit the action parameters instead of the Array based approach. The block will be called with anActionController::Parameters
instance.Examples
# Adding new parameters to be permitted in the `sign_up` action.
devise_parameter_sanitizer.permit(:sign_up, keys: [:subscribe_newsletter])
# Removing the `password` parameter from the `account_update` action.
devise_parameter_sanitizer.permit(:account_update, except: [:password])
# Using the block form to completely override how we permit the
# parameters for the `sign_up` action.
devise_parameter_sanitizer.permit(:sign_up) do |user|
user.permit(:email, :password, :password_confirmation)
end
Returns nothing.
Also I quote
If you have multiple Devise models, you may want to set up a different parameter sanitizer per model. In this case, we recommend inheriting from Devise::ParameterSanitizer and adding your own logic:
class ApplicationController < ActionController::Base
protected
def devise_parameter_sanitizer
if resource_class == User
User::ParameterSanitizer.new(User, :user, params)
else
super # Use the default one
end
end
end
User::ParameterSanitizer.new(User, :user, params)
will call this initializer method from parameter_sanitizer.rb
source code
def initialize(resource_class, resource_name, params)
@auth_keys = extract_auth_keys(resource_class)
@params = params
@resource_name = resource_name
@permitted = {}
DEFAULT_PERMITTED_ATTRIBUTES.each_pair do |action, keys|
permit(action, keys: keys)
end
end
so basically you are calling initialize(User, :user, params)
, I don't understand why devise is accepting params
in this method, as it has his own way of allowing attributes by saving a static hash of permitted field.
DEFAULT_PERMITTED_ATTRIBUTES = {
sign_in: [:password, :remember_me],
sign_up: [:password, :password_confirmation],
account_update: [:password, :password_confirmation, :current_password]
}
and the permitting them with a loop
DEFAULT_PERMITTED_ATTRIBUTES.each_pair do |action, keys|
permit(action, keys: keys)
end
In this initialize
method you save the params
as an instance variables @params
so in your method you should do:
class Employer::ParameterSanitizer < Devise::ParameterSanitizer
def initialize(*)
super
@params.permit(:sign_up, keys: [:forename, :surname, :username])
end
Related Topics
Mechanize How to Get Current Url
Ruby: How to Calculate a Path Relative to Another One
Including a Virtual Attribute in the Respond_With Hash
Differences Between Literals and Constructors? ([] VS Array.New and {} VS Hash.New)
Ruby Object Prints Out as Pointer
Rails - Paperclip Validating Attachment Size When It Shouldn't Be
Changing Value of Ruby Variables/References
How to Integrate Rubocop with Rake
Iterate Over Days, Starting from X Date Through an End Date
How Rails Delegate Method Works
How to Allow Binary File Download Using Grape API
How to Do Named Capture in Ruby
How to Ignore or Skip a Test Method Using Rspec