1

I'm on the latest version of devise 4.6.1, with rails 5.2. Whitelisting params in the application controller doesn't work for some reason. This code is taken directly from the documentation, I'm at a loss as to why this isn't working.

Application_controller:

class ApplicationController < ActionController::Base
 # protect_from_forgery with: :exception
  before_action :configure_permitted_parameters, if: :devise_controller?
  before_action :channel_variable

    def channel_variable
    @channels = Channel.all.order('created_at desc')
    end

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:account_update, keys: [:avatar])

    devise_parameter_sanitizer.permit(:sign_in, keys: [:avatar])

    devise_parameter_sanitizer.permit(:sign_up, keys: [:avatar])
  end
end

Console:

Unpermitted parameter: :avatar

edit.html.erb:

      <%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
        <%= f.error_notification %>

          <div class="field">
            <div class="control">
              <%= f.label :avatar %>
              <%= f.file_field :avatar %>
            </div>
          </div>
<% end %>
scott.piligrim2018
  • 129
  • 11

1 Answers1

0

I've found it best to create a separate route and UsersController to modify User attributes outside of authentication, including Active Storage attachments. You'd want to create a users#update method and whitelist your avatar param there. This is a bit dated but the accepted answer is the basically the approach you'd take:

Rails: Devise: How can I edit user information?

vinyl
  • 490
  • 4
  • 8
  • 1
    Any idea why my solution doesn't work? This is taken right out of their own documentation. Seems strange that you have to jury-rig strong params. – scott.piligrim2018 Mar 05 '19 at 06:51