Ah yes, in console I have a line(when creating a user) saying....
Unpermitted parameters: password_confirmation, roles
I tried...
def create
@user = User.new(params[:user].permit(:id, :email, :password,
:roles_mask))
...etc...
and...
def create
@user = User.new(params[:user].permit(:id, :email, :password,
:roles_mask[:roles]))
and....
def create
@user = User.new(params[:user].permit(:id, :email, :password, :roles))
But none save the roles. The roles_mask col in the users table is an
integer. It explains the process in the link mentioned on my first post.
Using a "bitmask".
On Monday, November 18, 2013 9:07:52 PM UTC, Walter Lee Davis wrote:
>
> Also, watch your console as you update, and see if there's a warning about
> illegal attributes not being saved.
>
> Walter
>
> On Nov 18, 2013, at 4:04 PM, Walter Lee Davis wrote:
>
> > Aha. You have a method called roles, but you're storing this in
> roles_mask? Which is a string? You should try adding roles_mask in the
> strong parameters, I think.
> >
> > Walter
> >
> >
> > On Nov 18, 2013, at 3:50 PM, Phillip wrote:
> >
> >> Hi Walter,
> >>
> >> Thanks for reply.
> >>
> >> Yes I have added in roles, but perhaps I am doing it wrong? Here is my
> users controller for creating and updating...
> >>
> >>
> >> def create
> >> @user = User.new(params[:user].permit(:email, :password, :roles))
> >> # authorize! :manage, @users
> >>
> >> respond_to do |format|
> >> if @user.save
> >> format.html { redirect_to(@user, :notice => 'User was
> successfully created.') }
> >> format.xml { render :xml => @user, :status => :created,
> :location => @user }
> >> else
> >> format.html { render :action => "new" }
> >> format.xml { render :xml => @user.errors, :status =>
> :unprocessable_entity }
> >> end
> >> end
> >> end
> >>
> >> # PUT /users/1
> >> # PUT /users/1.xml
> >> def update
> >> @user = User.find(params[:id])
> >>
> >> respond_to do |format|
> >> if @user.update(params[:user].permit(:email, :password, :roles))
> >> format.html { redirect_to(@user, :notice => 'User was
> successfully updated.') }
> >> format.xml { head :ok }
> >> else
> >> format.html { render :action => "edit" }
> >> format.xml { render :xml => @user.errors, :status =>
> :unprocessable_entity }
> >> end
> >> end
> >> end
> >>
> >>
> >>
> >> On Monday, November 18, 2013 7:03:09 PM UTC, Phillip wrote:
> >> Hi,
> >>
> >> (Using Rails 4.0.1, Ruby 1.9.3, latest devise and cancan gems. sqlite
> db for local development)
> >>
> >> I am a rookie, setting up website and was adding roles(using cancan
> gem) to my users table. Everything works great, except when I select a role
> for a user it is not getting saved. The user gets saved/created OK but it
> never updates/ remembers any roles assigned to the user.
> >>
> >> I was following the advice given here(Many roles per user). Any help or
> advice is most appreciated...
> >>
> >> https://github.com/ryanb/cancan/wiki/role-based-authorization
> >>
> >> Here is my users form...
> >>
> >> <%= form_for(@user) do |f| %>
> >> <div class="field">
> >> <%= f.label :email %><br />
> >> <%= f.text_field :email %>
> >> </div>
> >> <% if @current_method == "new" %>
> >> <div class="field">
> >> <%= f.label :password %><br />
> >> <%= f.password_field :password %>
> >> </div>
> >> <div class="field">
> >> <%= f.label :password_confirmation %><br />
> >> <%= f.password_field :password_confirmation %>
> >> </div>
> >> <% end %>
> >> <% for role in User::ROLES %>
> >> <%= check_box_tag "user[roles][#{role}]", role,
> @user.roles.include?(role), {:name => "user[roles][]"}%>
> >> <%= label_tag "user_roles_#{role}", role.humanize %><br />
> >> <% end %>
> >> <%= hidden_field_tag "user[roles][]", "" %>
> >> <div class="actions">
> >> <%= f.submit %>
> >> </div>
> >> <% end %>
> >>
> >>
> >>
> >> # /app/model/user.rb
> >>
> >> class User < ActiveRecord::Base
> >>
> >> ROLES = %w[admin blog_author]
> >>
> >> def roles=(roles)
> >> self.roles_mask = (roles & ROLES).map { |r| 2**ROLES.index(r)
> }.inject(0, :+)
> >> end
> >>
> >> def roles
> >> ROLES.reject do |r|
> >> ((roles_mask.to_i || 0) & 2**ROLES.index(r)).zero?
> >> end
> >> end
> >>
> >> def is?(role)
> >> roles.include?(role.to_s)
> >> end
> >>
> >> # Include default devise modules. Others available are:
> >> # :confirmable, :lockable, :timeoutable and :omniauthable
> >> devise :database_authenticatable, :registerable, :recoverable,
> :rememberable, :trackable, :validatable
> >> end
> >>
> >>
> >> --
> >> You received this message because you are subscribed to the Google
> Groups "Ruby on Rails: Talk" group.
> >> To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected] <javascript:>.
> >> To post to this group, send email to
> >> [email protected]<javascript:>.
>
> >> To view this discussion on the web visit
> https://groups.google.com/d/msgid/rubyonrails-talk/6b9fed85-e8c9-471d-a2ea-b9d223bf33a1%40googlegroups.com.
>
>
> >> For more options, visit https://groups.google.com/groups/opt_out.
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ruby on Rails: Talk" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected] <javascript:>.
> > To post to this group, send email to
> > [email protected]<javascript:>.
>
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/rubyonrails-talk/06C8EADD-E307-4517-A2C3-E53FA54172B2%40wdstudio.com.
>
>
> > For more options, visit https://groups.google.com/groups/opt_out.
>
>
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/rubyonrails-talk/0021820d-a9f3-4874-a9a0-4a2d9a883408%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
