1
I wanted to know if there is only the administrator register user, with Devise. I can not program this. And where is the controller with the Devise methods in the project?
1
I wanted to know if there is only the administrator register user, with Devise. I can not program this. And where is the controller with the Devise methods in the project?
0
Devise is an engine. What is an engine? Although it looks a lot like a normal plugin, an engine is actually a kind of application that you "mount" in your application.
Standard plugins only add functionality to your app. Already Ngines, can have their own controllers, models, views, etc. Only that you can not see, because it is in a separate namespace, "invisible" for you.
According to the Devise documentation, you can override the Devise Sessionscontroller as follows:
rails generate devise:controllers [scope]
, where "Scope" is the name of your user table (such as users
)Now the Devise has created for you a controller in app/controllers/[scope]/
, inheriting the original controller by inheritance, and allowing you to overwrite your methods.
config/routes.rb
:
devise_for :users, controllers: {sessions: '[scope]/sessions'}
app/views/devise
, copy to app/views/[scope]
To solve your problem, I think a before_action
resolves:
class Users::SessionsController < Devise::SessionsController
before_action :verifica_permissao, only: [...] # configure os métodos que você quer
def verifica_permissao
possui_permissao? || redirect_to('/')
end
def possui_permissao?
# aqui você verifica se o usuário é admin
end
end
Perfect. Thus, the administrator logged in( it uses the same table as the common users, only changes the role field ), can create a user, without giving the error that I am already logged in?
@Vinícius I didn’t stop to think about it, I think he will complain that he is already logged in. You can also write the create method.
Have a look at the controller’s source code: https://github.com/plataformatec/devise/blob/master/app/controllers/devise/sessions_controller.rb. Up there you have a "require_no_authentication" for new e create. The way and see if we can eliminate this.
Then in this case, I would only take the parameters, and save in the bank? probably the original create method, check if the current_user is nil, right?
I believe this is what you are looking for https://github.com/plataformatec/devise/wiki/How-To:-Manage-users-through-a-CRUD-interface
I’ve never done this before, my answer is based on research. Take a look at @Alex’s tip, or try to add skip_before_action: :require_no_authentication
in the controller.
@user23970 I tried to use skip_before_action on my controller, and I couldn’t fix this problem. What I could do?
Browser other questions tagged ruby-on-rails ruby
You are not signed in. Login or sign up in order to post.
Good afternoon, Have you heard of Gem Pundit ? I’m using it in an application with 3 access levels. Admin | Intermediario | Basic . It does the whole authorization part. Just adc in the app controller and a few more.
– user3033607