允许管理员添加Devise的用户 [英] Allowing admins to add users with Devise
问题描述
我试图使它成为只有管理员可以添加使用与设计。当我以管理员的身份登录并提交注册表格时,我已经得到了大部分工作,但是它的错误发生了错误:您已经登录。
I'm trying to make it so only admins can add uses with devise. I've gotten it mostly working however now when I'm logged in as an admin and submit the sign up form it kicks me back with the error: You are already signed in.
我试图按照以下说明: http:// wiki。 summercode.com/rails_authentication_with_devise_and_cancan ,但似乎没有提及这种情况。
I've tried to follow the instructions here: http://wiki.summercode.com/rails_authentication_with_devise_and_cancan but it doesn't seem to mention this situation.
我需要进一步覆盖 editors_controller 允许这个?
Do I need to do further overriding in the editors_controller to allow this?
这是我的路线(编辑者是我的用户模型的名称):
Here are my routes ("editors" is the name of my user model):
devise_for :admins, :skip => [:registrations]
as :admin do
get 'admin/editors' => 'editors#index', as: :admin_editors
get 'admin/editors/new' => 'editors#new', as: :new_editor
delete 'admin/editors/:id' => 'editors#destroy', as: :destroy_editor
end
devise_for :editors, :skip => [:registrations], :controllers => { :registrations => "editors" }
和我的 editors_controller app / controllers /
and my editors_controller in "app/controllers/"
class EditorsController < Devise::RegistrationsController
before_filter :check_permissions, :only => [:new, :create, :cancel]
skip_before_filter :require_no_authentication
def dashboard
render "editors/dashboard.html.haml"
end
def index
@editors = Editor.all
respond_to do |format|
format.html
end
end
private
def check_permissions
authorize! :create, resource
end
end
编辑
我注意到这个处理由Devise :: RegistrationsController#创建为HTML 在日志中,当我提交表单。我怀疑可能 skip_before_filter:require_no_authentication 未被调用,但假设因为 EditorsController 继承自 RegistrationController 在过滤器正常工作之前。不是这样吗?
EDIT
I noticed this Processing by Devise::RegistrationsController#create as HTML in the logs when I submit the form. I had suspected that perhaps the skip_before_filter :require_no_authentication wasn't being called, but assumed that because the EditorsController was inheriting from RegistrationController that before filter would work properly. Is that not the case?
推荐答案
您将要实现自己的创建 EditorsController 中的$ c>方法,而不是从 Devise :: RegistrationsController 继承该操作。如您所见, Devise :: RegistrationsController 中的方法将首先检查您是否已经登录并踢回您。如果您没有登录,它将创建一个用户帐户,然后以该用户身份登录。
You'll want to implement your own create method on EditorsController instead of inheriting that action from Devise::RegistrationsController. As you're seeing, the method in Devise::RegistrationsController will first check to see if you're already logged in and kick you back if you are. If you're not logged in it will create a User account and then log you in as that user.
您正试图通过 skip_before_filter来解决这个问题:require_no_authentication ,但是您的表单很可能 POST ing to / editors 而不是 / admin / editors 。因此,您需要添加一条路线,让您可以在 EditorsController 上获取创建:
You're trying to get around that problem with skip_before_filter :require_no_authentication, but it's likely that your form is POSTing to /editors instead of /admin/editors. So, you'll need to add a route that allows you to get to create on the EditorsController :
as :admin do
post 'admin/editors' => 'editors#create'
# your other :admin routes here
end
然后,您需要实现创建的缩小版本。你可能想要这样的东西:
Then you'd want to implement a scaled down version of create. You probably want something kind of like this :
class EditorsController < Devise::RegistrationsController
def create
build_resource(sign_up_params)
if resource.save
redirect_to admin_editors_path
else
clean_up_passwords resource
respond_with resource
end
end
# your other methods here
end
您还需要确保 admin / editors / new 模板将表单指向正确的路由( '管理/编辑的)。
You'll also want to make sure that the admin/editors/new template is pointing the form to the correct route ('admin/editors').
这篇关于允许管理员添加Devise的用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
