I have a similar requirement, as you do, and also do not want any user to be able to register. All that will be taken care of by the administrator. Her is what I did.
I added another development model called admin
rails generate devise MODEL
Disable "Registered" for the user model so that the user cannot at his discretion
user.rb
class User < ActiveRecord::Base # Include default devise modules. Others available are: # :token_authenticatable, :encryptable, :confirmable, :lockable, :registerable, :timeoutable and :omniauthable devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable # Setup accessible (or protected) attributes for your model attr_accessible :email, :password, :password_confirmation, :remember_me, :first_name, :last_name, :role, :admin # attr_accessible :title, :body end
Enable CRUD for the user using the sample from here: https://gist.github.com/1056194
Finally, protect the user controller in this way.
users_controller.rb
Hope this helps.
source share