I guess the title is self explanatory...how do I make only authenticated users to create a user with devise?
when I try to add a new one (when authenticated), devise says that I'm alreade authenticated
any workaround for this?
thanks a lot
edit: as requested, my code
user form
<% if #user == current_user %>
<i class="icon-info-sign"> </i><i>Após alterar seus dados, você terá de fazer login novamente</i>
<% end %>
<%= form_for(#user, :html => { :class => "well form-horizontal"}) do |f| %>
<% if #user.errors.any? %>
<div class="alert alert-error">
<h2><%= pluralize(#user.errors.count, "erro") %>
<% if #user.errors.count == 1 %> impede
<% else %>
impedem
<% end %>
a continuação:</h2>
<ul>
<% #user.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<label>Nome</label><%= f.text_field :nome %>
<label>E-mail</label><%= f.email_field :email %>
<% if #user == current_user or #user.created_at == nil%>
<label>Senha</label><%= f.password_field :password %>
<% end %>
<div>
<br />
<button class="btn" type="submit">
Salvar alterações
</button>
</div>
<% end %>
part of users controller
before_filter :authenticate_user!
def index
#users = User.all
respond_to do |format|
format.html # index.html.erb
format.json { render json: #users }
end
end
# GET /users/1
# GET /users/1.json
def show
#user = User.find(params[:id])
respond_to do |format|
format.html # show.html.erb
format.json { render json: #user }
end
end
# GET /users/new
# GET /users/new.json
def new
#user = User.new
respond_to do |format|
format.html # new.html.erb
format.json { render json: #user }
end
end
# GET /users/1/edit
def edit
#user = User.find(params[:id])
end
# POST /users
# POST /users.json
def create
#user = User.new(params[:user])
respond_to do |format|
if #user.save
format.html { redirect_to #user, notice: 'User was successfully created.' }
format.json { render json: #user, status: :created, location: #user }
else
format.html { render action: "new" }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
# PUT /users/1
# PUT /users/1.json
def update
#user = User.find(params[:id])
respond_to do |format|
if #user.update_attributes(params[:user])
format.html { redirect_to #user, notice: 'User was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: "edit" }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
application controller
class ApplicationController < ActionController::Base
protect_from_forgery
def after_sign_in_path_for(resource)
return request.env['omniauth.origin'] || stored_location_for(resource) || painel_path
end
end
part of routes
App::Application.routes.draw do
resources :acampantes
devise_for :users, :skip => [:registrations]
resources :profiles
resources :eventos do
resources :acampantes
end
# aqui tem um has_many, mas não precisa de nested routes
resources :noticias
resources :users#, :as => "usuarios"
The ideal way to do it would be to override registrations_controller.rb (as shown here) and skipping the before_filter check for the new and create action. I tried to do it myself, but unfortunately, I couldn't get it right.
Another way to do it, which worked for me, would be to create a separate User controller aside from the Registrations controller provided by Devise:
class UsersController < ApplicationController
before_filter :authenticate_user!
def new
#user = User.new
end
def create
#user = User.new(params[:user])
if #user.save
flash[:success] = "User saved"
redirect_to #user
else
render 'new'
end
end
end
# routes.rb
ApplicationName::Application.routes.draw do
devise_for :users
resources :users, :only => [:new, :create]
end
Then make a form for the new action:
# app/views/users/new.html.erb
<%= form_for(#user) do |f| %>
<div><%= f.label :email %><br />
<%= f.email_field :email %></div>
<div><%= f.label :password %><br />
<%= f.password_field :password %></div>
<div><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %></div>
<div><%= f.submit "Sign up" %></div>
<% end %>
The problem with this approach is that the routes provided by Devise for signing-up still exists. A solution for that would be to prevent Devise from generating routes involving registration:
# routes.rb
devise_for :users, :skip => [:registrations]
This means that you are going to ignore the Registrations module completely and make your own. I got this idea from the Bare-bone, stripped-down Devise tutorial. Take note that you should make the controller actions and views to replace the ones provided by the registrations module of Devise. This includes new, edit, create, update, and destroy.
Related
This article explains how to let users make other users in devise. I've got it almost figured out, thanks to the answer provided in that article by Adam Waselnuk except I can't figure out how to create the same result with namespaced controllers and views. I get one of two errors, depending on how my routes.rb is set up... either Routing Error, No route matches [PUT] "/users/new" or
My code is below.
routes.rb
Rails.application.routes.draw do
namespace :admin do
resources :users, except: :create
end
post 'users/new' => 'admin/users#new', as: :create_user
resources :shows
resources :posts
resources :global_posts
devise_for :users, controllers: {
registrations: "users/registrations",
}
root 'pages#home'
get 'pages/home'
get 'admin' => 'admin#index', as: :admin
end
admin/users_controller.rb
class Admin::UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]
# GET /admin/users
# GET /admin/users.json
def index
#all_users = User.all
end
def show
end
# GET /admin/users/new
def new
#user = User.new
end
# GET /admin/users/1/edit
def edit
end
# POST /admin/users
# POST /admin/users.json
def create
#user = User.new(user_params)
end
# PATCH/PUT /admin/users/1
# PATCH/PUT /admin/users/1.json
def update
respond_to do |format|
if #user.update(user_params)
format.html { redirect_to #user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: #user }
else
format.html { render :edit }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
# DELETE /admin/users/1
# DELETE /admin/users/1.json
def destroy
#user.destroy
respond_to do |format|
format.html { redirect_to root_path, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
#user = User.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
params.require(:user).permit(
:name, :email, :password, :password_confirmation
)
end
end
And finally, the admin/users/new.html.erb
<h2>New User</h2>
<%= form_for #user, url: create_user_path, html: { method: :put } do |f| %>
<div>
<%= f.label :name %><br />
<%= f.text_field :name, autofocus: true %>
</div>
<div>
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div>
<%= f.label :password %>
<%= f.password_field :password, autocomplete: "off" %>
</div>
<div>
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %>
</div>
<div>
<%= f.submit "Create New User" %>
</div>
<% end %>
Your route should be
post 'users' => 'admin/users#create', as: :create_user
Then you can create the user in
def create
#user = User.new(user_params)
#user.save
end
I have just followed step by step this other question, but my app is still giving me some errors regarding tagging (rails 4)
Error that Im experiencing is: Desktop/hack/app/controllers/jacks_controller.rb:85: syntax error, unexpected end-of-input, expecting keyword_end end ^
I have already re-intended as suggested in the chat, but nothing changed.
Code for reference
I have no associations between my models, (in the link that I have referred, there are associations)
jack form
<%= form_for(#jack) do |f| %>
<% if #jack.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(#jack.errors.count, "error") %> prohibited this jack from being saved: </h2>
<ul>
<% #jack.errors.full_messages.each do |message| %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :title %><br>
<%= f.text_field :title %>
</div>
<div class="field">
<%= f.label :description %><br>
<%= f.text_area :description %>
</div>
<div class="field">
<%= f.label :tag_list, "Tags (separated by comma)" %><br>
<%= f.text_field :tag_list %>
</div>
<div class="field">
<%= f.label :picture %><br>
<%= f.text_field :picture %>
</div>
<div class="actions">
<%= f.submit %>
jack.rb
class Jack < ActiveRecord::Base
acts_as_taggable_on :tags
end
Routes
Rails.application.routes.draw do
get 'tagged/index'
root :to => redirect('/jacks')
get 'about' => "about#info"
get 'submit' => "jacks#create"
resources :jacks
match 'tagged', to: 'jacks#tagged', :as => 'tagged', via: 'get'
resources :users
jack active helper
module JacksHelper
include ActsAsTaggableOn::TagsHelper
end
And controller
class JacksController < ApplicationController
before_action :set_jack, only: [:show, :edit, :update, :destroy]
# GET /jacks
# GET /jacks.json
def index
if params [:tag]
#jacks = Jack.tagged_with(params[:tag])
else
#jacks = Jack.all
end
# GET /jacks/1
# GET /jacks/1.json
def show
end
# GET /jacks/new
def new
#jack = Jack.new
end
# GET /jacks/1/edit
def edit
end
# POST /jacks
# POST /jacks.json
def create
#jack = Jack.new(jack_params)
respond_to do |format|
if #jack.save
format.html { redirect_to #jack, notice: 'Jack was successfully created.' }
format.json { render :show, status: :created, location: #jack }
else
format.html { render :new }
format.json { render json: #jack.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /jacks/1
# PATCH/PUT /jacks/1.json
def update
respond_to do |format|
if #jack.update(jack_params)
format.html { redirect_to #jack, notice: 'Jack was successfully updated.' }
format.json { render :show, status: :ok, location: #jack }
else
format.html { render :edit }
format.json { render json: #jack.errors, status: :unprocessable_entity }
end
end
end
# DELETE /jacks/1
# DELETE /jacks/1.json
def destroy
#jack.destroy
respond_to do |format|
format.html { redirect_to jacks_url, notice: 'Jack was successfully destroyed.' }
format.json { head :no_content }
end
end
def tagged
if params[:tag].present?
#jacks = Jack.tagged_with(params[:tag])
else
#jacks = Jack.postall
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_jack
#jack = Jack.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def jack_params
params.require(:jack).permit(:title, :description, :picture, :tag_list)
end
end
index method is missing an 'end'
def index
if params[:tag]
#jacks = Jack.tagged_with(params[:tag])
else
#jacks = Jack.all
end
end
I am new to Ruby on Rails and I can't wrap my head around the routing stuff.
I have a main view (index.html.erb) with a basic subscribe form with main controller, I have a resource named User in routes.rb with an associated user controller.
/app/views/main/index.html.erb
<%= form_for #user, remote: true do |f| %>
<%= f.text_field :email %>
<%= f.submit "Subscribe" %>
<% end %>
/app/controllers/main_controller.rb
class MainController < ApplicationController
def index
#user = Users.new
end
def create
#user = Users.new(params[:user])
respond_to do |format|
if #user.save
format.html { redirect_to #user, notice: 'Thank you !' }
format.js
else
format.html { render action: "new" }
format.js
end
end
end
end
/config/routes.rb
MyPage::Application.routes.draw do
get "main/index"
root 'main#index'
resources :users
end
UsersController is empty.
I know I need to change something in routes.rb but I don't get it. I get uninitialized constant MainController::Users error. Thanks !
Your problem is your UsersController is being confused as to inherit from MainController
This is either a routing issue or an issue with your system setup:
Routes
#config/routes.rb
root to: 'main#index'
resources :users, :main
View
<%= form_for #user, url: main_create_path, method: :post, remote: true do |f| %>
<%= f.text_field :email %>
<%= f.submit "Subscribe" %>
<% end %>
Controllers
class MainController < ApplicationController
def index
#user = Users.new
end
def create
#user = Users.new(params[:user])
respond_to do |format|
if #user.save
format.html { redirect_to #user, notice: 'Thank you !' }
format.js
else
format.html { render action: "new" }
format.js
end
end
end
end
class UsersController < ApplicationController
#your_stuff_here
end
I'm working on creating a survey app where surveys can have many questions and questions can have many surveys. What I'd like to do is on the survey show page display a button "Add new question" that allows a user to add a new question to that survey. So in my code I send the survey id like this:
<%= link_to "Add Question", new_question_path(:survey_id => #survey.id)%>
Then I can set #survey using the params I'm sending in my question controller. This is working fine in my :new method, but is throwing a nil error when I try to call in the :create method. I believe this is because a new instance of the controller is getting created which no longer has access to the :survey_id param I sent initially.
So I'm wondering if there is anyway to pass along the params to the next instance of the controller? Or is there a better way to send which survey should be set for that question? Is this something I could "save" in a hidden field? I thought about trying to save something in my model, but to save a question earlier would require me to remove the validations I have.
Here's my question_controller:
class QuestionsController < ApplicationController
before_action :set_question, only: [:show, :edit, :update, :destroy]
before_action :set_survey, only: [:new, :create]
# GET /questions
# GET /questions.json
def index
#questions = Question.all
end
# GET /questions/1
# GET /questions/1.json
def show
#answers = #question.answers
end
# GET /questions/new
def new
#question = Question.new
end
# GET /questions/1/edit
def edit
end
# POST /questions
# POST /questions.json
def create
#question = Question.new(question_params)
respond_to do |format|
if #question.save
#survey.questions << #question
format.html { redirect_to #question, notice: 'Question was successfully created.' }
format.json { render action: 'show', status: :created, location: #question }
else
format.html { render action: 'new' }
format.json { render json: #question.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /questions/1
# PATCH/PUT /questions/1.json
def update
respond_to do |format|
if #question.update(question_params)
format.html { redirect_to #question, notice: 'Question was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: #question.errors, status: :unprocessable_entity }
end
end
end
# DELETE /questions/1
# DELETE /questions/1.json
def destroy
#question.destroy
respond_to do |format|
format.html { redirect_to questions_url }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_question
#question = Question.find(params[:id])
end
def set_survey
#survey = Survey.find(params[:survey_id])
flash[:alert] = "Survey is " + #survey.to_s
end
# Never trust parameters from the scary internet, only allow the white list through.
def question_params
params.require(:question).permit(:title, :single_response, :surveys, :surveytizations)
end
end
And the form I'm creating the question with:
<%= form_for(#question) do |f| %>
<% if #question.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(#question.errors.count, "error") %> prohibited this question from being saved:</h2>
<ul>
<% #question.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :title %><br>
<%= f.text_field :title %>
</div>
<div class="field">
<%= f.label :single_response %><br>
<%= f.check_box :single_response %>
</div>
<div class="actions">
<%= f.submit %>
</div>
<% end %>
Thanks! Any help is very much appreciated!
UPDATE:
I was able to work using Rails.cache.write/Rails.cache.read - How to pass values between controller methods
Is there anything wrong with doing it that way or is that the best route?
I think you need to store the survey_id in a hidden field. Then you can access it from the questions controller. In your view:
<%= form_for(#question) do |f| %>
<%= f.hidden_field :survey_id %>
#rest of form
You also might have to change your new action to something like this:
#question = Question.new(:survey_id => params[:survey_id])
If the questions always belongs to a survey it could be a good idea to nest the routes so that you always can check which survey you are working on.
I am getting an error in Rails 3.2 with devise - my view is saying undefined method on line 1 below (user). This view is an edit profile page for logged in users.
So far I've tried changing this to current_user and defining that in my controller which I've provided below, but that did not work.
My only other suspicion is that form_for is not appropriate to use on this page?
<%= form_for(#user) do |f| %>
<% if #user.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(#user.errors.count, "error") %> prohibited this user from being saved:</h2>
<ul>
<% #user.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div class="field">
<%= f.label :username %><br>
<%= f.text_field :username %>
</div>
<div class="field">
<%= f.label :firstname %><br>
<%= f.text_field :firstname %>
</div>
<div class="field">
<%= f.label :lastname %><br>
<%= f.text_field :lastname %>
My controller... (as I said I tried current_user)
class UsersController < ApplicationController
def current_user
#current_user ||= User.find(session[:user_id])
end
def find
#user = User.new
end
def show
#user = User.find(params[:id])
end
# GET /users
# GET /users.json
def index
#users = User.all
end
# GET /users/1
# GET /users/1.json
# GET /users/new
def new
#user = User.new
end
# GET /users/1/edit
def edit
end
# POST /users
# POST /users.json
def create
#user = User.new(user_params)
respond_to do |format|
if #user.save
format.html { redirect_to #user, notice: 'User was successfully created.' }
format.json { render action: 'show', status: :created, location: #user }
else
format.html { render action: 'new' }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /users/1
# PATCH/PUT /users/1.json
def update
respond_to do |format|
if #user.update(user_params)
format.html { redirect_to #user, notice: 'User was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: #user.errors, status: :unprocessable_entity }
end
end
end
# DELETE /users/1
# DELETE /users/1.json
def destroy
#user.destroy
respond_to do |format|
format.html { redirect_to users_url }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_user
#user = User.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
params.require(:user).permit(:username, :firstname, :dateofbirth, :lastname, :gender, :location, :email, :password)
end
end
Devise comes with a current_user helper method. You probably don't want to override that, so I'd recommend removing that method from your controller. In one of my apps I allow users to edit their info and this is my edit method:
def edit
#user = current_user
end