Rails 4 Strong Parameters Devise User Admin Models

Question

What is the best way to use Strong Parameters with Rails 4 and Devise for an Admin Model and User Model?

I want to allow the user to sign_in & sign_up --- and the admin to sign_in however not sign_up.

Note* I have already read Strong Parameters by devise.

score 1 · Answer 1 · answered Jan 02 '14 at 01:05

1

It does not depend on strong_parameters. Remove :registerable from your admin model.

answered Jan 02 '14 at 01:05

Bart

okay, how can I block unwanted parameters from being entered into the database manually then? – Daniel Jan 02 '14 at 01:11
What's not working with this solution: https://github.com/plataformatec/devise#strong-parameters ? – Bart Jan 02 '14 at 01:14
Here are some related questions about the same issue- http://stackoverflow.com/questions/20137244/rails-4-devise-strong-parameters-admin-model http://stackoverflow.com/questions/20510289/rails-4-strong-parameters-opposite-permit-all-attributes https://groups.google.com/forum/#!topic/plataformatec-devise/pAYxKP5h5Vg – Daniel Jan 02 '14 at 01:17
If there is no attributes allowed why would you want to have this action and forms available in the first place? Why not just override it with a simple redirect or something? – Bart Jan 02 '14 at 01:23
I want to block the admin sign_up completely. And I thought the point of strong parameters is to make the site secure by not allowing anything other than what you permit to pass. If this is the case than I should not be allowed to pass attributes manually when I have blocked the admin sign_up – Daniel Jan 02 '14 at 01:35

1 Answers1