1

I'm working on creating an application with role based authorization.So,In i have created a migration to devise users to add a new column "role" And I have the following code block in my applications controller to permit the new parameter(role).But still when i try to sign up as a new user.I get the error that the parameter role is unpermitted.Please help me to solve this issue.

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
  devise_parameter_sanitizer.permit(:sign_up)  { |u| u.permit(  :email, :password, :password_confirmation, roles: [] ) }
end

end

This is what i've got in my user model

class User < ApplicationRecord
  belongs_to :role
  # has_many :Product
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

         ROLES = %i[admin manager customer]

def user_params
  params.require(:user).permit(:name, :email, :password, :password_confirmation, :role)
end


end

migration is as follows

class AddRoleToUsers < ActiveRecord::Migration[5.0]
  def change
    add_column :users, :role, :string
  end
end

Please help me to solve this issue.Thank you.

Tharindu Rajapaksha
  • 112
  • 13
  • Possible duplicate of [Adding custom parameters to devise registration - unpermitted parameters](https://stackoverflow.com/questions/42572124/adding-custom-parameters-to-devise-registration-unpermitted-parameters) – Gerry Aug 01 '17 at 13:51
  • Possible duplicate of [Adding a new field causes an error](https://stackoverflow.com/questions/43307494/adding-a-new-field-causes-an-error) – Mayur Shah Aug 01 '17 at 13:54

1 Answers1

3

Your user model doesn't have access to params, so you can remove the user_params method from there. Unless you're nesting attributes, you won't need to pass in the array for the role attribute, so change

devise_parameter_sanitizer.permit(:sign_up)  { |u| u.permit(  :email, :password, :password_confirmation, roles: [] ) }

to 

devise_parameter_sanitizer.permit(:sign_up)  { |u| u.permit(  :email, :password, :password_confirmation, :role ) }
#

And you should be good to go.

robinCTS
  • 5,746
  • 14
  • 30
  • 37
Mark
  • 6,112
  • 4
  • 21
  • 46
  • Still getting the same result – Tharindu Rajapaksha Aug 01 '17 at 14:01
  • Started POST "/users" for 127.0.0.1 at 2017-08-01 19:29:24 +0530 Processing by Devise::RegistrationsController#create as HTML Parameters: {"utf8"=>"✓", "authenticity_token"=>"OH3R7o1M+0BkzD2iVG/yHiovWZ1oj0wBafxgU5C2kBu1q3LD5dNWcVpDQ/c6QwfpZ2UTINpghRYYxmodUxBT+Q==", "user"=>{"email"=>"admin@me.lk", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "role"=>"admin"}, "commit"=>"Sign up"} Unpermitted parameter: role – Tharindu Rajapaksha Aug 01 '17 at 14:01
  • (0.1ms) begin transaction User Exists (11.1ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = ? LIMIT ? [["email", "admin@me.lk"], ["LIMIT", 1]] (0.1ms) rollback transaction – Tharindu Rajapaksha Aug 01 '17 at 14:02
  • My bad - I think it should be 'role' and not 'roles – Mark Aug 01 '17 at 14:04