![](/img/trans.png)
[英]Devise Parameter Sanitizer not working with Cucumber / Capybara / Rspec
[英]Devise strong parameter sanitizer
我在嘗試使用devise時自定義我的輸入參數。 我已盡力遵循有關該主題的設計文檔 。 我還在Google上廣泛搜索了一些有用的文章,例如這篇文章。 最后,當我填寫表格並點擊提交時,返回的是新用戶頁面上的“ sign_up”表格。 當我在控制台中檢查db時,沒有添加新用戶,並且下面列出了帶有相關代碼的服務器日志。 如果您想查看其他任何代碼,請讓我知道,並及時提出問題。 任何幫助都將受到贊賞。
服務器日志:
Started GET "/users/sign_up
utf8=%E2%9C%93&authenticity_token=lnKi02OIXc3sSkCpCzKmvQ6iaSZPI6s9aVxN9pCavH8%3D&user%5Bemail%5D=kit%40kit.com&user%5Bhandle%5D=kit&user%5Bpassword%5D=[FILTERED]&user%5Bpassword_confirmation%5D=[FILTERED]&commit=Sign+Up" for 127.0.0.1 at 2013-11-17 21:01:31 -0800
Processing by Devise::RegistrationsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"lnKi02OIXc3sSkCpCzKmvQ6iaSZPI6s9aVxN9pCavH8=", "user"=>{"email"=>"kit@kit.com", "handle"=>"kit", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign Up"}
Rendered devise/shared/_links.erb (0.3ms)
Rendered devise/registrations/new.html.erb within layouts/application (3.7ms)
Completed 200 OK in 10ms (Views: 9.0ms | ActiveRecord: 0.0ms)
我的應用程序控制器:
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
protected
def devise_parameter_sanitizer
if resource_class == User
User::ParameterSanitizer.new(User, :user, params)
else
super # Use the default one
end
end
end
User_sanitizer:
class User::ParameterSanitizer < Devise::ParameterSanitizer
private
def account_sign_in
default_paramiters.permit(:first_name, :last_name, :handle, :email, :password, :password_confirmation, :current_password)
end
def account_sign_up
default_paramiters.permit(:first_name, :last_name, :handle, :email, :password, :password_confirmation, :current_password)
end
def account_account_update
default_paramiters.permit(:first_name, :last_name, :handle, :email, :password, :password_confirmation, :current_password)
end
end
application.html.erb
<!DOCTYPE html>
<html>
<head>
<title>Meowit</title>
<%= stylesheet_link_tag "application", media: "all", "data-turbolinks-track" => true %>
<%= javascript_include_tag "application", "data-turbolinks-track" => true %>
<%= csrf_meta_tags %>
</head>
<body>
<nav class="navbar navbar-default" role="navigation">
<!-- Brand and toggle get grouped for better mobile display -->
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="<%= root_path %>">MeowIT</a>
</div>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li><a href="<%= meows_path %>">Feed</a></li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li>
<% if user_signed_in? %>
<li class="dropdown">
<a href="" class="dropdown-toggle" data-toggle="dropdown">Account<b class="caret"></b></a>
<ul class="dropdown-menu">
<li><%= "#{current_user.email}" %></li>
<li><%= link_to "Edit", edit_user_registration_path %></li>
<li><%= link_to("Logout", destroy_user_session_path, :method => :delete) %></li>
</ul>
</li>
<% else %>
<li><%= link_to("Login ", new_user_session_path) %></li>
<% end %>
</div><!-- /.navbar-collapse -->
</nav>
<% if flash[:success] %>
<div class='alert alert-success'>
<%= flash[:success] %>
</div>
<% end %>
<% if flash[:info] %>
<div class='alert alert-info'>
<%= flash[:info] %>
</div>
<% end %>
<% if flash[:warning] %>
<div class='alert alert-warning'>
<%= flash[:warning] %>
</div>
<% end %>
<% if flash[:danger] %>
<div class='alert alert-danger'>
<%= flash[:danger] %>
</div>
<% end %>
<div class="container">
<%= yield %>
</div>
</body>
</html>
sanitizers.rb:
require "#{Rails.application.root}/lib/user_sanitizer.rb"
new.html.erb(在views / devise / registrations內部):
<div class="row">
<div class="col-lg-6">
<div class="well">
<form class="bs-example form-horizontal">
<fieldset>
<legend>Sign Up</legend>
<%= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
<%= f.error_notification %>
<%= f.label :Email, class: "col-lg-2 control-label" %>
<div class="col-lg-10">
<%= f.text_field :email, :required => true, :autofocus => true, class: "form-control" %>
</div>
<br>
<br>
<br>
<%= f.label :"Name", class: "col-lg-2 control-label" %>
<div class="col-lg-10">
<%= f.text_field :handle, :required => false, class: "form-control" %>
</div>
<br>
<br>
<br>
<%= f.label :Password, class: "col-lg-2 control-label" %>
<div class="col-lg-10">
<%= f.password_field :password, :required => true, class: "form-control" %>
</div>
<br>
<br>
<br>
<%= f.label :"Password Confirmation", class: "col-lg-2 control-label" %>
<div class="col-lg-10">
<%= f.password_field :password_confirmation, :required => true, class: "form-control" %>
</div>
<br>
<br>
<div class="col-lg-10 col-lg-offset-2">
<%= f.button :submit, "Sign Up", class: "btn btn-primary" %>
</div>
<% end %>
</fieldset>
</form>
</div>
</div>
</div>
<%= render "devise/shared/links" %>
編輯(1)
在app / controllers類RegistrationsController <Devise :: RegistrationsController中創建了新文件registrations_controller.rb
private
def configure_devise_params
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:email, :password, :password_confirmation)
end
end
end
修改了route.rb中的devies_for路由,使其指向新控制器。
devise_for :users, :controllers => {:registrations => "registrations"}
最后,我在應用程序控制器中注釋掉了對devise_parameter_sanitizer的引用,並刪除了
require "#{Rails.application.root}/lib/user_sanitizer.rb"
在sanitizers.rb中
不知道您是否仍然需要幫助,但是通過刪除帶前綴的帳戶,我能夠使消毒器正常工作。
在您的user_sanitizer.rb內部,從您的方法中刪除“帳戶”。
def sign_in
...
end
def sign_up
...
end
這樣做對我有用。
您可以將其添加到設計注冊控制器
private
def configure_devise_params
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:email, :password, :password_confirmation)
end
end
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.