Devise/Rails - How to allow only admin to create a

2020-05-29 03:11发布

站内问答 / 前沿技术
1504 3 6

I am using devise as my authentication solution and now i am thinking about authorization. In my project I (the admin) is the only person authorized to create account for others.

I wonder if there is a way to do it without to much hack. In fact, Devise doesn't allow user to access to the signup page if he is already logged in.

Thanks for your advice on it!

3条回答
Root(大扎)
2楼-- · 2020-05-29 03:47

You can try the rails_admin gem in conjunction with Devise to handle any admin-specific tasks. You'll need to add more code to set it up, but at least you avoid hacking around the solution in terms of changing your interactions with Devise.

查看更多
0人赞 添加讨论(0) 举报
仙女界的扛把子
3楼-- · 2020-05-29 03:57

Setting :skip => :registrations also kills the ability for a user to edit their user info. If that's not what you are after you can instead create a (minimal) custom registrations controller and only remove the new_user_registration_path while preserving the edit_user_registration_path.

# app/controllers/registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController

 def new
    # If you're not using CanCan, raise some other exception, or redirect as you please
    raise CanCan::AccessDenied
  end

end

# routes.rb
devise_for :users, :controllers => { :registrations => "registrations" }

Once you do this you also need to move the directory views/devise/registrations to just views/registrations.

查看更多
0人赞 添加讨论(0) 举报
Ridiculous、
4楼-- · 2020-05-29 03:58

It actually looks like in the later versions of Devise you can just remove the "registerable" declaration from your model and it will take care of this for you.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)