2016-02-11 00:45:18 +00:00
|
|
|
### Unreleased
|
|
|
|
|
|
|
|
* enhancements
|
|
|
|
* Introduced `DeviseController#set_flash_message!` for conditional flash messages setting to reduce complexity.
|
|
|
|
|
2016-02-01 11:20:42 +00:00
|
|
|
### 4.0.0.rc1 - 2016-01-02
|
2015-06-24 16:13:06 +00:00
|
|
|
|
2015-12-15 13:48:41 +00:00
|
|
|
* Support added to Rails 5 (by @twalpole).
|
|
|
|
* Devise no longer supports Rails 3.2 and 4.0.
|
|
|
|
* Devise no longer supports Ruby 1.9 and 2.0.
|
2015-12-10 16:36:34 +00:00
|
|
|
|
2016-02-01 11:20:42 +00:00
|
|
|
* deprecations
|
|
|
|
* The `devise_parameter_sanitize` API has changed:
|
|
|
|
The `for` method was deprecated in favor of `permit`:
|
|
|
|
|
|
|
|
```ruby
|
|
|
|
def configure_permitted_parameters
|
|
|
|
devise_parameter_sanitizer.for(:sign_up) << :subscribe_newsletter
|
|
|
|
# Should become the following.
|
|
|
|
devise_parameter_sanitizer.permit(:sign_up, keys: [:subscribe_newsletter])
|
|
|
|
end
|
|
|
|
```
|
|
|
|
|
|
|
|
The customization through instance methods on the sanitizer implementation
|
|
|
|
should be done through it's `initialize` method:
|
|
|
|
|
|
|
|
```ruby
|
|
|
|
class User::ParameterSanitizer < Devise::ParameterSanitizer
|
|
|
|
def sign_up
|
|
|
|
default_params.permit(:username, :email)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# The `sign_up` method can be a `permit` call on the sanitizer `initialize`.
|
|
|
|
|
|
|
|
class User::ParameterSanitizer < Devise::ParameterSanitizer
|
|
|
|
def initialize(*)
|
|
|
|
super
|
|
|
|
permit(:sign_up, keys: [:username, :email])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
```
|
|
|
|
|
|
|
|
You can check more examples and explanations on the [README section](/plataformatec/devise#strong-parameters)
|
|
|
|
and on the [ParameterSanitizer docs](lib/devise/parameter_sanitizer.rb).
|
|
|
|
|
|
|
|
Please check [3-stable](https://github.com/plataformatec/devise/blob/3-stable/CHANGELOG.md)
|
|
|
|
for previous changes.
|