i have rails 3 app authentication setup using devise registerable module enabled.
i want have new users sign using our outside register form use full devise registerable module, happening now.
however, want admin user able create new users directly, bypassing (i think) devise's registerable module.
with registerable disabled, standard userscontroller works want admin user, other rail scaffold. however, new users can't register on own.
with registerable enabled, standard userscontroller never called new user action (calling devise::registrationscontroller instead), , crud actions don't seem work @ (i dumped onto root page no new user created , no flash message). here's log request:
started post "/users" 127.0.0.1 @ 2010-12-20 11:49:31 -0500 processing devise::registrationscontroller#create html parameters: {"utf8"=>"✓", "authenticity_token"=>"18697r4synnwhfmtkdcwcdyphjos+68rpfsaykvjo8y=", "user"=>{"email"=>"test@test.com", "password"=>"[filtered]", "password_confirmation"=>"[filtered]", "role"=>"manager"}, "commit"=>"create user"} sql (0.9ms) ... user load (0.6ms) select "users".* "users" ("users"."id" = 2) limit 1 sql (0.9ms) ... redirected http://test-app.local/ completed 302 found in 192ms
... able register new users through outside form.
how can both of these methods work together, such admin user can manually create new users and guest users can register on own?
i have users controller setup standard crud:
class userscontroller < applicationcontroller load_and_authorize_resource def index @users = user.where("id not in (?)", current_user.id) # don't display current user in users list; go account management edit current user details end def new @user = user.new end def create @user = user.new(params[:user]) if @user.save flash[:notice] = "#{ @user.email } created." redirect_to users_path else render :action => 'new' end end def edit end def update params[:user].delete(:password) if params[:user][:password].blank? params[:user].delete(:password_confirmation) if params[:user][:password].blank? , params[:user][:password_confirmation].blank? if @user.update_attributes(params[:user]) flash[:notice] = "successfully updated user." redirect_to users_path else render :action => 'edit' end end def delete end def destroy redirect_to users_path , return if params[:cancel] if @user.destroy flash[:notice] = "#{ @user.email } deleted." redirect_to users_path end end end
and routes setup follows:
testapp::application.routes.draw devise_for :users devise_scope :user "/login", :to => "devise/sessions#new", :as => :new_user_session "/logout", :to => "devise/sessions#destroy", :as => :destroy_user_session end resources :users :delete, :on => :member end authenticate :user root :to => "application#index" end root :to => "devise/session#new" end
you should create separate controller manage users. create administrator users , give them special namespace work in. let me illustrate that:
config/routes.rb
devise :users # allow users register here namespace :admin resources :users # have admin manage them here. end
Comments
Post a Comment