In an app where Devise and Admin model are used I needed to add some fields - they were successfully added. Now I also need to give the user the ability to modify these attributes. When I open the view for modifying these parameters and send the form, the newly added fields (like a phone number, website etc) are not modified.
In the terminal output I see it's because these parameters are unpermitted, but how can I permit them?
The action where the whole
update process is happening is
@user = User.find(current_user.id)
successfully_updated = if needs_password?(@user, params)
flash[:notice] = "Your password has been successfully changed."
# Sign in the user bypassing validation in case their password changed
sign_in @user, :bypass => true
redirect_to edit_user_registration_path(:status => 'ok')
Bu this code seems to be for
users, not for
admins - how can I solve this problem then?
Thank you in advance.
class RegistrationsController < Devise::RegistrationsController before_action :configure_permitted_parameters # ... protected def configure_permitted_parameters devise_parameter_sanitizer.for(:account_update) << :username end end
In this example we add a
:username parameter to the whitelist.