I would like to disable user registration for devise and move the creation of new users to an admin method under an admin namespace.
How could this be accomplished? I have searched and think I have to overrule the devise controllers disabling the custom user registration.
But how to make a new user based on a form under an admin namespace? Anyone done such a thing before and could share some pointers on how to get it done? thank you
Check out the devise Wiki, quite a common question (think this is what you are looking for)
https://github.com/plataformatec/devise/wiki/How-To%3a-Require-admin-to-activate-account-before-sign_in
Related
I'm working on a project that involves two Devise models (User and Admin). What I'd like to do is allow for Admin members to be able to view and manage Users in a RESTful way (i.e: index, show, create, update, destroy).
Would the best way be to create a users_controller and treat it like an average RESTful model (modifying each controller action to work with Devise where applicable)?
Any suggestions would be much appreciated.
Thanks.
CLARIFICATION UPDATE
It seems I wasn't clear about the question above. Answers below are about the authorisation of actions affecting the User model. This isn't what I'm asking about. I'm asking about the best way to facilitate the transaction itself, not the authorisation and restriction of the transaction. What would be the best way to have Admin members creating Users and updating User records without using the standard Devise self-signup. My intention is to disable self-signup so as to only allow new User registration by an Admin member creating the User account. Hopefully, this is more clear. Thanks.
I advise you take a look at the following gems Rolify and CanCan, there were integrated with devise here.
Here's a link
I'm building a service on Rails using Devise which requires an 'admin' user to add regular users to their organization account.
The default behaviour of Devise doesn't support this, as the ':require_no_authentication' method is called when a logged in admin user tries to create a regular user account.
What would be the recommended method of achieving the functionality I am looking for?
:require_no_authentication is called by prepend_before_filter in the
Devise::RegistrationsController class, rather that in one of the
RegistrationsController methods, so I do not know if this can be
overridden (correct me if I'm wrong).
I believe separating the admin users from the regular users would
work, however these users will share very similar properties, so I
believe doing this will add unnecessary repetition.
I am currently trying to create new admin users (who in turn create
the organization that regular users belong to) using the regular
Devise sign up flow with 'users#new' and 'users#create' controller
actions, and allowing admins to add new users through a 'users#add'
action.
If there is perhaps another good user authentication gem that would better suit my needs, I would be happy to take a look at switching to that.
This seems to be more of an authorization problem than an authentication problem. You can use an authorization gem, such as cancan, to assign roles to users (such as admin) and grant abilities to those roles. This works really well alongside Devise. Here's a tutorial:
http://www.tonyamoyal.com/2010/07/28/rails-authentication-with-devise-and-cancan-customizing-devise-controllers/
EDIT: I think I may have misunderstood your problem. Maybe what you need is just another controller to handle the creating of users outside of the Devise controllers. You could use cancan to restrict access to this controller to only admins.
I've searched topics but this exact question doesn't come up. Is it possible to separate the Devise user form to make it 2 separate forms?
change email
change password?
You only have to create a simple CRUD, as in any other case. it is also posible to generate the view that devise uses and/or override the controllers.
https://github.com/plataformatec/devise/wiki/How-To:-Manage-users-through-a-CRUD-interface
Managing your users is not really devise related, devise only really handles authentication.
I really like how devise offers an easy to use registration system out of the box but I'm having trouble extending it to do what I need. I need to create a public user profile for each user that shows their information like name, email, bio, and more info. I've done this in the past before with a users/show function but since devise doesn't provide any easily editable controllers, I'm having trouble figuring out how to do this. I've already run rails generate devise:views to copy the devise views to my app but I don't know where to go from here. Any help would be much appreciated.
Sounds like you want users to update their profile at the same time they create their account? If so, you can setup an associated Profile model with the User model. Using accepts_nested_attributes_for you can then create a record for the nested model on devise user registration submit/creation.
Here's a great screencast covering nested models and I also suggest you search other devise relate SO posts as this question has been discussed before.
There is an alternative approach, that is simpler to implement — only allow registered users edit/update their profile. This way you don't have to alter the Devise views and you can setup the various CRUD actions via a separate non-devise controller.
Throw in an Access Control List (ACL) solution such as CanCan (there are other alternatives too!) and you can even allow other users view profiles but deny access to edit/destroy etc.
I'm using devise for the user system but I have one problem. I'd like for a logged-in user to register new user. It's a question of security. However, a logged-in user can not currently register a new user.
I dont know how fix this.
Thanks by help!
I'm pretty sure the easist way would be just to turn off the devise config option :registerable, this will get rid of the sign_up paths and links.
Then just build your own user controller actions and views to interact directly with your User model.
The default devise registrations controller wants to auto create a new session for the newly created user which is why it won't let logged in users create another user.
Hope this helps.
The Devise documentation explains how to do that kind of thing.
You don't need to over-ride anything in devise. Just treat it like any other namespaced resource.