deviseruby-on-rails-4strong-parameters

How to specify devise_parameter_sanitizer for edit action?


I've added Devise to my Rails 4 application, and successfully added username etc. to my User model. Furthermore, I'm able to store those fields using the lazy way™, i.e.

class ApplicationController < ActionController::Base
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

    def configure_permitted_parameters
      devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname) } 
    end
end

However, I tried

def configure_permitted_parameters
  devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname) }
  devise_parameter_sanitizer.for(:edit) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname) }
end

but that didn't work quite as expected (username not being stored when invoked by the edit action). Is there something else I need to do in order to get that to work? Thanks!


Solution

  • Deprecated Answer

    This answer is not correct for the latest version of Rails or Devise.

    Once again, it was a matter of reading the manual ...

    The magic word is :account_update and thus the working version becomes

    def configure_permitted_parameters
      devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname, :nickname) }
      devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation, :current_password, :firstname, :middlename, :lastname, :nickname) }
    end
    

    Note that if you're in the business of signing in using non-standard parameters, the word you're looking for is :sign_in (as expected).