class Users::RegistrationsController < Devise::RegistrationsController # before_filter :configure_sign_up_params, only: [:create] before_action :configure_account_update_params, only: [:update] before_action :user_authority_check,only: [:edit,:update] # GET /resource/sign_up # def new # super # end # POST /resource # def create # super # end # GET /resource/edit # def edit # super # end # PUT /resource # def update # super # end # DELETE /resource # def destroy # super # end # GET /resource/cancel # Forces the session data which is usually expired after sign # in to be expired now. This is useful if the user wants to # cancel oauth signing in/up in the middle of the process, # removing all OAuth session data. # def cancel # super # end protected # You can put the params you want to permit in the empty array. # def configure_sign_up_params # devise_parameter_sanitizer.for(:sign_up) << :attribute # end # You can put the params you want to permit in the empty array. def configure_account_update_params devise_parameter_sanitizer.permit(:account_update,keys: [:email,:email_change_cancel,:sign_in_id,:name]) end # The path used after sign up. # def after_sign_up_path_for(resource) # super(resource) # end # The path used after sign up for inactive accounts. # def after_inactive_sign_up_path_for(resource) # super(resource) # end def user_authority_check authorize! :update_mine, send(:"current_#{resource_name}") end end