Devise / Rails - How to allow only the administrator to create an account for others?

Question

Devise / Rails - How to allow only the administrator to create an account for others?

I use devess as my authentication solution, and now I'm thinking of authorization. In my project, I (the administrator) is the only person authorized to create an account for others.

I wonder if there is a way to do this without a big hack. In fact, Devise does not allow the user to access the registration page if he is already logged in.

Thank you for your advice!

+4

ruby-on-rails authorization devise

benoitr Mar 14 '11 at 19:15

source share

3 answers

Setting :skip => :registrations also destroys the ability for the user to edit user information. If this is not what you are after, you can instead create a (minimal) user registration controller and remove only new_user_registration_path , while maintaining edit_user_registration_path .

 # app/controllers/registrations_controller.rb class RegistrationsController < Devise::RegistrationsController def new # If you're not using CanCan, raise some other exception, or redirect as you please raise CanCan::AccessDenied end end # routes.rb devise_for :users, :controllers => { :registrations => "registrations" }

Once you do this, you also need to move the views/devise/registrations directory only to views/registrations .

+9

cailinanne 20 sept '11 at 2:22

source share

In fact, it looks like in later versions of Devise, you can simply remove the “registered” declaration from your model, and it will take care of this for you.

+1

Jc grubbs Jan 05 '12 at 17:19

source share

Mcstretch · Accepted Answer · 2011-03-14T19:19:07+0000

You can try rails_admin gem with Devise to handle any admin related tasks. You will need to add more code to customize it, but at least you avoid hacking a decision in terms of changing your interactions with Devise.

Devise / Rails - How to allow only the administrator to create an account for others?

More articles: