Editing custom fields in Devise User model

Question

The fields were added via migration and the view's forms are created, but the controller filters the parameter on their path from the view to the model. No matter what I seem to do, my parameters are always unpermitted. My controller code

#app/controllers/users/registrations_controller.rb

class Users::RegistrationsController < Devise::RegistrationsController
  before_filter :configure_sign_up_params, only: [:create]
  before_filter :configure_account_update_params, only: [:update]

  protected

  # If you have extra params to permit, append them to the sanitizer.
  def configure_sign_up_params
   devise_parameter_sanitizer.for(:sign_up)<<[:first_name,:last_name,:profile_image,:graduation_year]
  end

  # If you have extra params to permit, append them to the sanitizer.
  def configure_account_update_params
   devise_parameter_sanitizer.for(:account_update)<<[:first_name,:last_name,:profile_image,:graduation_year]
  end

end
end

#config/routes.rb

Rails.application.routes.draw do
#...

  devise_for :users, controllers: { account_update: "users/registrations", sign_up:"users/registrations" }
end

#Error

Parameters: {"utf8"=>"✓", "authenticity_token"=>"Qts15L3n6Xvsn0hwNvIUI6UrWUQyV/qEyoQAZ8M+udMK1RBTQS1XoNWgpg1JrXqWpb9NbrsaHtQVVU8XMwoSIQ==", 
 "user"=>{"first_name"=>"a", "last_name"=>"a", 
 "profile_image"=>#<ActionDispatch::Http::UploadedFile:0x00000004fe0bb0 @tempfile=#<Tempfile:/tmp/RackMultipart20150709-4420-12guerh.jpeg>, @original_filename="test1.jpeg", @content_type="image/jpeg", @headers="Content-Disposition: form-data; name=\"user[profile_image]\"; filename=\"test1.jpeg\"\r\nContent-Type: image/jpeg\r\n">, 
 "graduation_year"=>"1", "email"=>"[email protected]", 
 "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, 
 "commit"=>"Submit"}

Unpermitted parameters: first_name, last_name, profile_image, graduation_year

Thanks for the help everyone. Really appreciate it!

Answer 1

My config/routes.rb was messed up. It needed to be

devise_for :users, controllers: { registrations: 'users/registrations'  }

Then I needed to add :email, :password, :password_confirmation back to app/controllers/users/registrations_controller.rb

class Users::RegistrationsController < Devise::RegistrationsController
  before_filter :configure_sign_up_params, only: [:create]
  before_filter :configure_account_update_params, only: [:update]

  def configure_sign_up_params
    devise_parameter_sanitizer.for(:sign_up)<<[:first_name,:last_name,:profile_image,:graduation_year,
       :email,:password,:password_confirmation]
  end

  def configure_account_update_params
    devise_parameter_sanitizer.for(:account_update)<<[:first_name,:last_name,:profile_image,:graduation_year,
       :email,:password,:password_confirmation]
  end
end

Also there was an extra 'end' at the bottom of the file.

Update

In the current version of devise (4.3)/rails (5.1.3) it is similar, but the configure functions should be updated to something like this:

def configure_sign_up_params
  devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :age, :height, :weight, :gender])
end