Rails 5, Undefined method `for' for #<Devise on line devise_parameter_sanitizer.for

Question

I am working with Rails 5

I aded new field username in model User.

class Users::RegistrationsController < Devise::RegistrationsController
  before         


        

Answer 1

class ApplicationController < ActionController::Base

  before_action :configure_permitted_paramters, if: :devise_controller?

  protected
    def configure_permitted_paramters

        devise_parameter_sanitizer.permit(:sign_up, keys: [:fullname])

        devise_parameter_sanitizer.permit(:account_update, keys: [:fullname, 
        :phone_number, :description, :email, :password])

    end

end

Answer 2

If you just change the .for to .permit it works as well. For example:

devise_parameter_sanitizer.permit(:sign_up) { |u| u.permit({ roles: [] }, :email, :password, :password_confirmation, :username) }

It works in both Rails 4.2.x and Rails 5.0.x

Answer 3

According to the documentation:

The Parameter Sanitaizer API has changed for Devise 4

class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
  end
end

Answer 4

I think you missed account_update in your controller's configure_permitted_parameters method, you need to follow the devise pattern. Devise has a an account update page. You can find this in views/devise/registrations/edit.html.erb, and your code is also not going to work in the sign_up page, here you specified sign_up page

To update your user table, the minute you submit an update in your users/edit, or if you are submitting a username in the sign_up page you need to follow this devise pattern, to update the database User table. Even if you added a new column to the user table, you would have to add it to the configure_permitted_parameters method. In your case it's username, but you missed account_update as well. You're basically saying that you want to update the username or add the string to username field without following the Devise pattern. Any field you add to the User table should follow this Devise pattern. Also you can specify which page is permitted to update this username. In my example below, i'm using the devise update page. So like I said, even if you added a custom field name to Users table you need to follow this pattern. If you have another page where you need to add username, you would just do the same thing.

class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
    devise_parameter_sanitizer.permit(:account_update, keys: [:username])
  end
end

Next make sure in your user.rb you have validate username in your User model.

class User < ApplicationRecord
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :validatable

  validates :username, presence: true
end

Answer 5

Don't forget devise_parameter_sanitizer.permit(:account_update, keys: [:username])