update cancan to cancancan,update devise form 2.3 to 3.2.4

179309463 · Jun 12, 2014 · 148ebf2 · 148ebf2
1 parent 304c192
commit 148ebf2
Show file tree

Hide file tree

Showing 10 changed files with 27 additions and 19 deletions.
diff --git a/Gemfile b/Gemfile
@@ -67,8 +67,8 @@ group :development do
 end
 
 gem 'haml'
-gem 'devise'
-gem 'cancan'
+gem 'devise','~>3.2.4'
+gem 'cancancan', '~> 1.8'
 gem 'kaminari'
 gem 'carrierwave', "~> 0.6.2"
 gem 'carrierwave-upyun', '~> 0.1.6'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -43,7 +43,7 @@ GEM
     bourne (1.5.0)
       mocha (>= 0.13.2, < 0.15)
     builder (3.1.4)
-    cancan (1.6.10)
+    cancancan (1.8.2)
     capybara (2.0.3)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -262,7 +262,7 @@ DEPENDENCIES
   better_errors
   binding_of_caller
   bootstrap-sass (~> 3.1.1)
-  cancan
+  cancancan (~> 1.8)
   capybara (~> 2.0.1)
   carrierwave (~> 0.6.2)
   carrierwave-upyun (~> 0.1.6)

diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
@@ -88,6 +88,7 @@ def find_user
 
   private
   def user_params
-    params.require(:user).permit(*BASE_FIELDS, *(BASE_FIELDS + [:reward]), :as => :admin)
+    params.require(:user).permit(:nickname, :email, :password, :password_confirmation,
+    :remember_me, :avatar, :account_attributes, :captcha, :reward)
   end
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,6 +1,8 @@
 # encoding: utf-8
 class ApplicationController < ActionController::Base
   protect_from_forgery
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
   include ApplicationHelper
   include BootstrapHelper
 
@@ -84,6 +86,13 @@ def mobile_device?
     request.format == :mobile
   end
 
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:nickname, :email, :password, :password_confirmation) }
+    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:nickname, :email, :remember_me) }
+  end
+
   private
     # Overwriting the sign_out redirect path method
     def after_sign_out_path_for(resource_or_scope)

diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
@@ -1,7 +1,7 @@
 # encoding: utf-8
 class RegistrationsController < Devise::RegistrationsController
   def create
-    build_resource params[:user]
+    build_resource(sign_up_params)
 
     if resource.verify_captcha(session[:captcha]) and resource.save
       if resource.active_for_authentication?

diff --git a/app/controllers/topics_controller.rb b/app/controllers/topics_controller.rb
@@ -84,7 +84,7 @@ def new_from_home
   end
 
   def create
-    @topic = @node.topics.new(topic_params, :as => current_user.permission_role)
+    @topic = @node.topics.new(topic_params)
     @topic.user = current_user
     if @topic.save
       redirect_to t_path(@topic.id)
@@ -95,7 +95,7 @@ def create
 
   def create_from_home
     node_id = topic_params.delete(:node_id)
-    @topic = Topic.new(topic_params, :as => current_user.permission_role)
+    @topic = Topic.new(topic_params)
     @topic.node = Node.find(node_id) if node_id.present?
     @topic.user = current_user
 
@@ -144,7 +144,7 @@ def update
         }
       end
     else
-      if @topic.update_attributes(topic_params, :as => current_user.permission_role)
+      if @topic.update_attributes(topic_params)
         redirect_to t_path(@topic.id)
       else
         flash[:error] = '之前的更新有误，请编辑后再提交'
@@ -204,6 +204,6 @@ def find_topic_and_auth
 
   private
   def topic_params
-    params.require(:topic).permit(:title, :content, :title, :content, :comments_closed, :sticky, :as => :admin)
+    params.require(:topic).permit(:title, :content, :title, :content, :comments_closed, :sticky)
   end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -123,6 +123,7 @@ def unfollow
 
   private
   def user_params
-    params.require(:user).permit(*BASE_FIELDS, *(BASE_FIELDS + [:reward]), :as => :admin)
+    params.require(:user).permit(:nickname, :email, :password, :password_confirmation,
+    :remember_me, :avatar, :account_attributes, :captcha, :reward)
   end
 end
diff --git a/app/models/plane.rb b/app/models/plane.rb
@@ -14,7 +14,7 @@ class Plane < ActiveRecord::Base
   include Sortable
 
   validates :name, :presence => true
-  has_many :nodes, :order => Node.default_order_str
+  has_many :nodes, -> { order(Node.default_order_str) }
 
   def can_delete?
     self.nodes.count == 0

diff --git a/config/application.rb b/config/application.rb
@@ -7,12 +7,9 @@
 require "sprockets/railtie"
 # require "rails/test_unit/railtie"
 
-if defined?(Bundler)
-  # If you precompile assets before deploying to production, use this line
-  Bundler.require(*Rails.groups(:assets => %w(development test)))
-  # If you want your assets lazily compiled in production, use this line
-  # Bundler.require(:default, :assets, Rails.env)
-end
+
+
+Bundler.require(:default, Rails.env)
 
 I18n.enforce_available_locales = true
 

diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
@@ -4,4 +4,4 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-Rabel::Application.config.secret_token = Figaro.env.RABEL_SECRET_TOKEN
+Rabel::Application.config.secret_key_base  = Figaro.env.RABEL_SECRET_TOKEN