I am using Devise and Rails 4. I want to add multiple User Models(admin, usertype1, usertype2) such that they inherit from the main User Model. I have searched many posts and come to the conclusion that I may use CanCan, which I do not want, or I may use Single Table Inheritance.
The way I see it is to add a type string-column to my main User model I created with Devise. I will also need to extend each sub-class from the parent as in:
class Admin < User
end
class Usertype1 < User
end
class Usertype2 < User
end
My question is: what do I do next? How exactly do I know how to access the type column? Do I also need to override the Devise Controller for the current_user helper method such that I can have current_admin for example?
I'm not sure this really answers the original question. I am trying to set up multiple session controllers for Devise, and it seems like it really does require multiple models for this use case. Will post back when I've got a working version.
You can also use the easy_roles gem. It is available on github. This gem provides a bitmask solution for your different user roles. You just must have one model, e.g User, this model gets an attribute "role". Just checkout the docs on github.
Devise + easy_roles + CanCan is a very good setup, it is very convenient in my opinion. I use this quite often.
Link to github: https://github.com/platform45/easy_roles
STI will give you current_admin, current_user1 and current_user2 Devise methods.
In application_controller.rb, create a custom current_user method like this:
def current_user
if current_admin
current_admin
elsif current_user1
current_user1
else
current_user2
end
end
helper_method :current_user
You will need some work on routes.rb and a custom sessions_controller.rb. See the accepted answer here Rails: Using Devise with single table inheritance
Related
I have an role column in my User model and I want to prevent someone from accessing the rails_admin routes if they don't have an admin flag. Since the RailsAdmin::MainController doesn't inherit from ApplicationController I'm not sure how I can insert this check before the view loads.
I'm not keen on creating a new Admin model as per the devise docs. I would like to use the same user account.
Does anyone have any suggestions? =)
You can define from which controller your rails admin will inherit by defining it in the config/initializers/rails_admin.rb file like this:
RailsAdmin.config do |config|
config.parent_controller = '::ApplicationController'
end
And also i recommend using a gem to handle authorization, cancancan or pundit will handle nicely your use case.
I'm trying to apply this post ( Devise update user without password ) for users don't need to insert password to update informations.
But, I'm very confused where is this controller. Devise don't create any controller in my app/controller folder. I search in all the folders but I cant find.
Where I that controller?
I see posts talking about create a new controller, but I just want to modify little things.
You don't edit (or shouldn't) the Devise controllers. Instead you create your own controller and inherent from the Devise controller.
# app/controllers/registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
def new
super
end
def update
# add custom update logic here
end
end
Notice how RegistrationsController inherets from Devise::RegistrationsController. Now you can overide the registration methods (or modify them and call super). Even the page you are referencing about overriding the devise default behavior relies on class inheritance.
JTG offers good advice, you shouldn't edit the gem directly. As a more direct answer to the question:
To print the folder of your gem:
$ bundle show devise
To open the gem in a text editor ( while being sure not to change anything )
$ bundle open devise
How do I execute a particular function after a user has signed up.
(I wanted to add to one of my associations, I already have it coded in a non-devise rails but now I need it here)
Device has provided helper action 'after_sign_in_path_for' you can override it within your application controller.
def after_sign_in_path_for(resource_or_scope)
.... #write your customize code or call any method
end
For sign up it would look like:
def after_sign_up_path_for(resource_or_scope)
if resource_or_scope.is_a? User # and perhaps other conditions
#... do something, go somewhere
else
super
end
end
Ofc. Assuming that your Devise user model is called User.
You can use the after_create callback in your User model.
The following guide has tons of examples: http://api.rubyonrails.org/classes/ActiveRecord/Callbacks.html
So, here's my problem. I currently am building a simple authentication system for a rails site. I have 3 classes for this: Person, Session, and Role. In my Person model I have defined method_missing to dynamically capture roles according to this guide.
In my application_controller I have some logic to deal with logins and log-outs, the result of which gives me the currently logged in user via:
#user = #application_session.person
Where #application_session is the current session
Now in one of my controllers, I don't want anyone to be able to do anything unless they are an admin, so I included:
before_filter #user.is_an_admin?
This raises a NoMethodError, even though I have method_missing defined in my model. I tried defining is_an_admin?, having it always return true as a test, and that works.
According to this question, I think the problem might have something to do with proxy associations. When I run:
puts #user.proxy_owner
I get a session object, since each user (Person) can have many sessions, and I got my user (Person) from the current session.
I am very confused why #user.is_an_admin? is not calling the method_missing method in my Person controller. Please let me know if you need more information or code snippets.
I am using Rails 3 on Ruby 1.9
I'd consider a method_missing an overkill for such task.
Now, if you have Session class, which belongs_to User, then you can have this:
class Session
belongs_to :user, :extend => PermissionMixin
end
class User
include PermissionMixin
end
module PermissionMixin
def admin?
if cond
true
else
false
end
end
end
P.S. Check cancan, perhaps it'll suit your needs better.
I use a similar permissions check in my system to check the User > Role > Permissions association:
User.current_user.can_sysadmin?
In my controllers I have to instead use:
User.current_user.send('can_sysadmin?')
This may work for you as well.
I have solved this by moving the method_missing method to my application_controller.rb. I change the logic of the method a little to check for a user, and if found, dynamically check the role. If things were not kosher, I had the method redirect to root_url or return true if the user matched the requested roles.
Finally, in my reports controller, I used before_filter :is_an_admin? and got my desired results. However, I am still unclear as to why method_missing had to be defined in my application controller as opposed to directly in the Person (aka #user) model?
I am using Devise on Rails and I'm wondering if there is a hook or a filter that I can use to add a bit of code to Devise's user registration process and send a welcome email to the user after an account has been created. Without Devise it would be something like this...
respond_to do |format|
if #user.save
Notifier.welcome_email(#user).deliver # <=======
...
The next most popular answer assumes you're using using Devise's :confirmable module, which I'm not.
I didn't like the other solutions because you have to use model callbacks, which will always send welcome emails even when you create his account in the console or an admin interface. My app involves the ability to mass-import users from a CSV file. I don't want my app sending a surprise email to all 3000 of them one by one, but I do want users who create their own account to get a welcome email.
The solution:
1) Override Devise's Registrations controller:
#registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
def create
super
UserMailer.welcome(resource).deliver unless resource.invalid?
end
end
2) Tell Devise you overrode its Registrations controller:
# routes.rb
devise_for :users, controllers: { registrations: "registrations" }
https://stackoverflow.com/a/6133991/109618 shows a decent (not perfect) answer, but at least better than ones I'm seeing here. It overrides the confirm! method:
class User < ActiveRecord::Base
devise # ...
# ...
def confirm!
welcome_message # define this method as needed
super
end
# ...
end
This is better because it does not use callbacks. Callbacks are not great to the extent that they (1) make models hard to test; (2) put too much logic into models. Overusing them often means you have behavior in a model that belongs elsewhere. For more discussion on this, see: Pros and cons of using callbacks for domain logic in Rails.
The above approach ties into the confirm! method, which is preferable to a callback for this example. Like a callback though, the logic is still in the model. :( So I don't find the approach fully satisfactory.
I solved this by using a callback method. It's not the cleanest of solutions, not as clean as an observer, but I'll take it. I'm lucky Mongoid implemented the ActiveRecord callbacks!
after_create :send_welcome_mail
def send_welcome_mail
Contact.welcome_email(self.email, self.name).deliver
end
I would recommend using a ActiveRecord::Observer. The idea with the observer is that you would create a class with an after_save method that would call the notification. All you need to do is create the observer class and then modify the application configuration to register the observer. The documentation describes the process quite well.
Using the observer pattern means you do not need to change any logic in the controller.
Since a yield has been added to the Devise controller methods a while back, I think this is now probably the best way to do it.
class RegistrationsController < Devise::RegistrationsController
def create
super do |resource|
Notifier.welcome_email(resource).deliver if resource.persisted?
end
end
end