开发者

Devise restrict sign up to Admin

开发者 https://www.devze.com 2023-03-23 17:41 出处:网络
I am working on a Rails App that uses Devise as t开发者_Go百科he authentication module, however I want to customize it so that CanCan will only permit Administrators to create a new user.I am having a

I am working on a Rails App that uses Devise as t开发者_Go百科he authentication module, however I want to customize it so that CanCan will only permit Administrators to create a new user. I am having a hard time understanding how to customize the controller for Devise so that this can be done. Any help would be appreciated.


You don't need to customize anything :D

  • Remove :registerable from your Devise model.

  • Create your Users CRUD* (just scaffold users)

  • Use CanCan for user permission on your Users Controller.

*Check Devise's wiki on how to create a Users CRUD, there is a routing trick you need to do


You can create a "User" controller that will manage users and then simply set permissions for it. So in your new User controller you can have something like:

class UserController < ApplicationController
  load_and_authorize_resource

  def index
  end

  def new
  end

  def show
  end

  def create
    if @user.save
      flash[:notice] = "Successfully created User." 
      redirect_to root_path
    else
      render :action => 'new'
    end
  end

  def edit
  end

  def update
    params[:user].delete(:password) if params[:user][:password].blank?
    params[:user].delete(:password_confirmation) if params[:user][:password].blank? and params[:user][:password_confirmation].blank?
    if @user.update_attributes(params[:user])
      flash[:notice] = "Successfully updated User."
      redirect_to user_index_path
    else
      render :action => 'edit'
    end
  end

  def destroy
    if @user.destroy
      flash[:notice] = "Successfully deleted User."
      redirect_to user_index_path
    end
  end

end

Assuming you have administrators set to:

can :manage, :all

You should be good to go.

In your routes file you'll need to set up your routes:

resources :user, :controller => "user"

Hope this helps!

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号