Ah yes, in console I have a line(when creating a user) saying.... Unpermitted parameters: password_confirmation, roles
I tried... def create @user = User.new(params[:user].permit(:id, :email, :password, :roles_mask)) ...etc... and... def create @user = User.new(params[:user].permit(:id, :email, :password, :roles_mask[:roles])) and.... def create @user = User.new(params[:user].permit(:id, :email, :password, :roles)) But none save the roles. The roles_mask col in the users table is an integer. It explains the process in the link mentioned on my first post. Using a "bitmask". On Monday, November 18, 2013 9:07:52 PM UTC, Walter Lee Davis wrote: > > Also, watch your console as you update, and see if there's a warning about > illegal attributes not being saved. > > Walter > > On Nov 18, 2013, at 4:04 PM, Walter Lee Davis wrote: > > > Aha. You have a method called roles, but you're storing this in > roles_mask? Which is a string? You should try adding roles_mask in the > strong parameters, I think. > > > > Walter > > > > > > On Nov 18, 2013, at 3:50 PM, Phillip wrote: > > > >> Hi Walter, > >> > >> Thanks for reply. > >> > >> Yes I have added in roles, but perhaps I am doing it wrong? Here is my > users controller for creating and updating... > >> > >> > >> def create > >> @user = User.new(params[:user].permit(:email, :password, :roles)) > >> # authorize! :manage, @users > >> > >> respond_to do |format| > >> if @user.save > >> format.html { redirect_to(@user, :notice => 'User was > successfully created.') } > >> format.xml { render :xml => @user, :status => :created, > :location => @user } > >> else > >> format.html { render :action => "new" } > >> format.xml { render :xml => @user.errors, :status => > :unprocessable_entity } > >> end > >> end > >> end > >> > >> # PUT /users/1 > >> # PUT /users/1.xml > >> def update > >> @user = User.find(params[:id]) > >> > >> respond_to do |format| > >> if @user.update(params[:user].permit(:email, :password, :roles)) > >> format.html { redirect_to(@user, :notice => 'User was > successfully updated.') } > >> format.xml { head :ok } > >> else > >> format.html { render :action => "edit" } > >> format.xml { render :xml => @user.errors, :status => > :unprocessable_entity } > >> end > >> end > >> end > >> > >> > >> > >> On Monday, November 18, 2013 7:03:09 PM UTC, Phillip wrote: > >> Hi, > >> > >> (Using Rails 4.0.1, Ruby 1.9.3, latest devise and cancan gems. sqlite > db for local development) > >> > >> I am a rookie, setting up website and was adding roles(using cancan > gem) to my users table. Everything works great, except when I select a role > for a user it is not getting saved. The user gets saved/created OK but it > never updates/ remembers any roles assigned to the user. > >> > >> I was following the advice given here(Many roles per user). Any help or > advice is most appreciated... > >> > >> https://github.com/ryanb/cancan/wiki/role-based-authorization > >> > >> Here is my users form... > >> > >> <%= form_for(@user) do |f| %> > >> <div class="field"> > >> <%= f.label :email %><br /> > >> <%= f.text_field :email %> > >> </div> > >> <% if @current_method == "new" %> > >> <div class="field"> > >> <%= f.label :password %><br /> > >> <%= f.password_field :password %> > >> </div> > >> <div class="field"> > >> <%= f.label :password_confirmation %><br /> > >> <%= f.password_field :password_confirmation %> > >> </div> > >> <% end %> > >> <% for role in User::ROLES %> > >> <%= check_box_tag "user[roles][#{role}]", role, > @user.roles.include?(role), {:name => "user[roles][]"}%> > >> <%= label_tag "user_roles_#{role}", role.humanize %><br /> > >> <% end %> > >> <%= hidden_field_tag "user[roles][]", "" %> > >> <div class="actions"> > >> <%= f.submit %> > >> </div> > >> <% end %> > >> > >> > >> > >> # /app/model/user.rb > >> > >> class User < ActiveRecord::Base > >> > >> ROLES = %w[admin blog_author] > >> > >> def roles=(roles) > >> self.roles_mask = (roles & ROLES).map { |r| 2**ROLES.index(r) > }.inject(0, :+) > >> end > >> > >> def roles > >> ROLES.reject do |r| > >> ((roles_mask.to_i || 0) & 2**ROLES.index(r)).zero? > >> end > >> end > >> > >> def is?(role) > >> roles.include?(role.to_s) > >> end > >> > >> # Include default devise modules. Others available are: > >> # :confirmable, :lockable, :timeoutable and :omniauthable > >> devise :database_authenticatable, :registerable, :recoverable, > :rememberable, :trackable, :validatable > >> end > >> > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Talk" group. > >> To unsubscribe from this group and stop receiving emails from it, send > an email to rubyonrails-ta...@googlegroups.com <javascript:>. > >> To post to this group, send email to > >> rubyonra...@googlegroups.com<javascript:>. > > >> To view this discussion on the web visit > https://groups.google.com/d/msgid/rubyonrails-talk/6b9fed85-e8c9-471d-a2ea-b9d223bf33a1%40googlegroups.com. > > > >> For more options, visit https://groups.google.com/groups/opt_out. > > > > -- > > You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Talk" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to rubyonrails-ta...@googlegroups.com <javascript:>. > > To post to this group, send email to > > rubyonra...@googlegroups.com<javascript:>. > > > To view this discussion on the web visit > https://groups.google.com/d/msgid/rubyonrails-talk/06C8EADD-E307-4517-A2C3-E53FA54172B2%40wdstudio.com. > > > > For more options, visit https://groups.google.com/groups/opt_out. > > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-talk@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/0021820d-a9f3-4874-a9a0-4a2d9a883408%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.