改變設計的強大參數

Question

在我的應用程序中，我最初創建了一個用戶腳手架，然後創建了一個設計用戶模型，只需將屬性添加到用戶模型中，但是在我的用戶控制器中，只要嘗試使用參數「username」一個允許的參數，它仍然吐出錯誤「用戶名不是允許的參數」。

我user.rb

class User < ActiveRecord::Base 
    # Include default devise modules. Others available are: 
    # :confirmable, :lockable, :timeoutable and :omniauthable 
    devise :database_authenticatable, :rememberable, :trackable, :validatable 
    belongs_to :role 

    def email_required? 
    false 
    end 

    def email_changed? 
    false 
    end 


end 

我的用戶控制器

class UsersController < ApplicationController 
    before_filter :authenticate_user! 
    before_action :set_user, only: [:show, :edit, :update, :destroy] 

    # GET /users 
    # GET /users.json 
    def index 
    @users = User.all 
    end 

    # GET /users/1 
    # GET /users/1.json 
    def show 
    end 

    # GET /users/new 
    def new 
    @user = User.new 
    end 

    # GET /users/1/edit 
    def edit 
    end 

    # POST /users 
    # POST /users.json 
    def create 
    @user = User.new(user_params) 

    respond_to do |format| 
     if @user.save 
     format.html { redirect_to @user, notice: 'User was successfully created.' } 
     format.json { render :show, status: :created, location: @user } 
     else 
     format.html { render :new } 
     format.json { render json: @user.errors, status: :unprocessable_entity } 
     end 
    end 
    end 

    # PATCH/PUT /users/1 
    # PATCH/PUT /users/1.json 
    def update 
    respond_to do |format| 
     if @user.update(user_params) 
     format.html { redirect_to @user, notice: 'User was successfully updated.' } 
     format.json { render :show, status: :ok, location: @user } 
     else 
     format.html { render :edit } 
     format.json { render json: @user.errors, status: :unprocessable_entity } 
     end 
    end 
    end 

    # DELETE /users/1 
    # DELETE /users/1.json 
    def destroy 
    @user.destroy 
    respond_to do |format| 
     format.html { redirect_to users_url, notice: 'User was successfully destroyed.' } 
     format.json { head :no_content } 
    end 
    end 

    private 
    # Use callbacks to share common setup or constraints between actions. 
    def set_user 
     @user = User.find(params[:id]) 
    end 

    # Never trust parameters from the scary internet, only allow the white list through. 
    def user_params 
     params.require(:user).permit(:role_id, :username, :password, :password_confirmation) 
    end 
end 

正如你可以看到我已經把「用戶名」屬性強進的PARAMS，但它仍然心不是允許的。任何幫助非常感謝，謝謝！

Answer 1

試試這個在您的application_controller.rb

before_action :configure_permitted_parameters, if: :devise_controller? 

protected 

def configure_permitted_parameters 
    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email, :password) } 
end 

文檔https://github.com/plataformatec/devise#strong-parameters