Re: [Rails] Adding role's field to users

Ah yes, in console I have a line(when creating a user) saying....

Unpermitted parameters: password_confirmation, roles

I tried...

def create

    @user = User.new(params[:user].permit(:id, :email, :password, :roles_mask))

...etc...

and...

def create

    @user = User.new(params[:user].permit(:id, :email, :password, :roles_mask[:roles]))

and....

def create

    @user = User.new(params[:user].permit(:id, :email, :password, :roles))

But none save the roles. The roles_mask col in the users table is an integer. It explains the process in the link mentioned on my first post. Using a "bitmask".

On Monday, November 18, 2013 9:07:52 PM UTC, Walter Lee Davis wrote:

Also, watch your console as you update, and see if there's a warning about illegal attributes not being saved.

Walter

On Nov 18, 2013, at 4:04 PM, Walter Lee Davis wrote:

> Aha. You have a method called roles, but you're storing this in roles_mask? Which is a string? You should try adding roles_mask in the strong parameters, I think.
>
> Walter
>
>
> On Nov 18, 2013, at 3:50 PM, Phillip wrote:
>
>> Hi Walter,
>>
>> Thanks for reply.
>>
>> Yes I have added in roles, but perhaps I am doing it wrong? Here is my users controller for creating and updating...
>>
>>
>> def create
>>    @user = User.new(params[:user].permit(:email, :password, :roles))
>>    # authorize! :manage, @users
>>
>>    respond_to do |format|
>>      if @user.save
>>        format.html { redirect_to(@user, :notice => 'User was successfully created.') }
>>        format.xml  { render :xml => @user, :status => :created, :location => @user }
>>      else
>>        format.html { render :action => "new" }
>>        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
>>      end
>>    end
>>  end
>>
>>  # PUT /users/1
>>  # PUT /users/1.xml
>>  def update
>>    @user = User.find(params[:id])
>>
>>    respond_to do |format|
>>      if @user.update(params[:user].permit(:email, :password, :roles))
>>        format.html { redirect_to(@user, :notice => 'User was successfully updated.') }
>>        format.xml  { head :ok }
>>      else
>>        format.html { render :action => "edit" }
>>        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
>>      end
>>    end
>>  end
>>
>>
>>
>> On Monday, November 18, 2013 7:03:09 PM UTC, Phillip wrote:
>> Hi,
>>
>> (Using Rails 4.0.1, Ruby 1.9.3, latest devise and cancan gems. sqlite db for local development)
>>
>> I am a rookie, setting up website and was adding roles(using cancan gem) to my users table. Everything works great, except when I select a role for a user it is not getting saved. The user gets saved/created OK but it never updates/ remembers any roles assigned to the user.
>>
>> I was following the advice given here(Many roles per user). Any help or advice is most appreciated...
>>
>> https://github.com/ryanb/cancan/wiki/role-based-authorization
>>
>> Here is my users form...
>>
>> <%= form_for(@user) do |f| %>
>> <div class="field">
>>    <%= f.label :email %><br />
>>    <%= f.text_field :email %>
>>  </div>
>>  <% if @current_method == "new" %>
>>    <div class="field">
>>      <%= f.label :password %><br />
>>      <%= f.password_field :password %>
>>    </div>
>>    <div class="field">
>>      <%= f.label :password_confirmation %><br />
>>      <%= f.password_field :password_confirmation %>
>>    </div>
>>  <% end %>
>>  <% for role in User::ROLES %>
>>    <%= check_box_tag "user[roles][#{role}]", role, @user.roles.include?(role), {:name => "user[roles][]"}%>
>>    <%= label_tag "user_roles_#{role}", role.humanize %><br />
>>  <% end %>
>>  <%= hidden_field_tag "user[roles][]", "" %>
>>  <div class="actions">
>>    <%= f.submit %>
>>  </div>
>> <% end %>
>>
>>
>>
>> # /app/model/user.rb
>>
>> class User < ActiveRecord::Base
>>
>>  ROLES = %w[admin blog_author]
>>
>>  def roles=(roles)
>>    self.roles_mask = (roles & ROLES).map { |r| 2**ROLES.index(r) }.inject(0, :+)
>>  end
>>
>>  def roles
>>    ROLES.reject do |r|
>>      ((roles_mask.to_i || 0) & 2**ROLES.index(r)).zero?
>>    end
>>  end
>>
>>  def is?(role)
>>    roles.include?(role.to_s)
>>  end
>>
>>  # Include default devise modules. Others available are:
>>  # :confirmable, :lockable, :timeoutable and :omniauthable
>>  devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable
>> end
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
>> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com.
>> To post to this group, send email to rubyonra...@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/6b9fed85-e8c9-471d-a2ea-b9d223bf33a1%40googlegroups.com.
>> For more options, visit https://groups.google.com/groups/opt_out.
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/06C8EADD-E307-4517-A2C3-E53FA54172B2%40wdstudio.com.
> For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/0021820d-a9f3-4874-a9a0-4a2d9a883408%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.