rails - devise strong parameters is always unpermitted for registration

1
votes

I want to permit :full_name parameter for my user model registration in devise, and I always getting Unpermitted parameter: :full_name as response for Users::RegistrationsController#create action

I have tried several ways as I show you next:

1. Application controller (option 1)

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_action :configure_permitted_parameters, if: :devise_controller?
  
  protected
  
  def configure_permitted_parameters
    case params[:action]
    when 'create'
        devise_parameter_sanitizer.permit(:sign_up, keys: %i[full_name])
    when 'update'
        ...
    end
  end
end

Result => Unpermitted parameter: :full_name

2. Registration controller (option 2)

class Users::RegistrationsController < Devise::RegistrationsController
  before_action :configure_sign_up_params, only: :create
  
  protected
  
  def configure_sign_up_params
    params.require(:user).permit(%i[full_name])
  end
end

Result => Unpermitted parameter: :full_name

3. Registration controller (option 3)

class Users::RegistrationsController < Devise::RegistrationsController
  before_action :configure_sign_up_params, only: :create
  
  protected
  
  def configure_sign_up_params
    devise_parameter_sanitizer.permit(:sign_up, keys: %i[full_name ])
  end
end

Result => Unpermitted parameter: :full_name

In my gemfile:

gem 'devise', '~> 4.8'

In my routes:

devise_controllers = {
  confirmations: 'users/confirmations',
  registrations: 'users/registrations',
  invitations: 'users/invitations',
}
devise_for :users, controllers: devise_controllers

I have read devise strong params but to be honest I do not know what I am doing wrong.

Also I tried to debug in Users::RegistrationsController#create what is happening with:

def create
  super do
    binding.pry
  end
end

but it skips the debugger breakpoint... do you have any idea what is going on?

Cheers!

Edit:

  • Following suggestion from JohnP, I only left :full_name in devise keys parametter sanitizer for sign_up
  • Also I removed a callback that is bypassing my debug breakpoint and now I can stop with pry in create action
1
ruby-on-railsdevise
Is the configure_sign_up_params before action being executed? I'd put a binding.pry inside that method to make sure that's actually being executed - arieljuod

1 Answers

0
votes

Generally, you write strong params for a specific controller, not in your ApplicationController, because the permitted conditions will be different for each model. When using devise_parameter_sanitizer, you only need to include the extra fields you're adding - this isn't setting up your strong params from scratch, just adding keys to the default Devise list.

So, you should find that this is all you need in your Users::RegistrationsController.

def configure_sign_up_params
  devise_parameter_sanitizer.permit(:sign_up, keys: [:full_name])
end

(BTW, ensure you refer to the parameter correctly, as params[:user][:full_name].)

(Oh, and if you want to do debugging, I'd suggest installing the byebug gem. You just add an extra line byebug where you want to have a breakpoint.)