Authenticate using Devise and Rails Admin for part

2019-04-07 22:06发布

I use Rails Admin and Devise for admin and user model. I have added one column "admin" to the user model to indicate its identity. In the config/routes.rb, I mount /admin for RailsAdmin:Engine

I want to only allow current_user.admin users to access /admin, otherwise, redirect user to home page.

How can I implement this in the cleanest code?

标签： ruby-on-rails devise rails-admin

1条回答

在下西门庆

2楼-- · 2019-04-07 22:33

on your admin controllers:

class MyAdminController < ApplicationController
  before_filter :authenticate_user!
  before_filter :require_admin
end

on your application controller:

class ApplicationController < ActionController::Base


  def require_admin
    unless current_user && current_user.role == 'admin'
      flash[:error] = "You are not an admin"
      redirect_to root_path
    end        
  end
end

Sorry, didn't notice it was with rails admin, you can do:

# in config/initializer/rails_admin.rb

RailsAdmin.config do |config|
  config.authorize_with do |controller|
    unless current_user.try(:admin?)
      flash[:error] = "You are not an admin"
      redirect_to root_path
    end
  end
end

0人赞添加讨论(0) 举报

Authenticate using Devise and Rails Admin for part

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间