开发者

Devise restrict sign up to Admin

I am working on a Rails App that uses Devise as t开发者_Go百科he authentication module, however I want to customize it so that CanCan will only permit Administrators to create a new user. I am having a hard time understanding how to customize the controller for Devise so that this can be done. Any help would be appreciated.


You don't need to customize anything :D

  • Remove :registerable from your Devise model.

  • Create your Users CRUD* (just scaffold users)

  • Use CanCan for user permission on your Users Controller.

*Check Devise's wiki on how to create a Users CRUD, there is a routing trick you need to do


You can create a "User" controller that will manage users and then simply set permissions for it. So in your new User controller you can have something like:

class UserController < ApplicationController
  load_and_authorize_resource

  def index
  end

  def new
  end

  def show
  end

  def create
    if @user.save
      flash[:notice] = "Successfully created User." 
      redirect_to root_path
    else
      render :action => 'new'
    end
  end

  def edit
  end

  def update
    params[:user].delete(:password) if params[:user][:password].blank?
    params[:user].delete(:password_confirmation) if params[:user][:password].blank? and params[:user][:password_confirmation].blank?
    if @user.update_attributes(params[:user])
      flash[:notice] = "Successfully updated User."
      redirect_to user_index_path
    else
      render :action => 'edit'
    end
  end

  def destroy
    if @user.destroy
      flash[:notice] = "Successfully deleted User."
      redirect_to user_index_path
    end
  end

end

Assuming you have administrators set to:

can :manage, :all

You should be good to go.

In your routes file you'll need to set up your routes:

resources :user, :controller => "user"

Hope this helps!

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜