Clever Geek Handbook

How to restrict registration to admin using Devise

I am trying to restrict registration by Devise admin. If possible, I would like to avoid using CanCan. I created a separate Devise Admin construct as described here in option # 1: https://github.com/plataformatec/devise/wiki/How-To:-Add-an-Admin-Role .

Then I installed the CRUD user interface as described here: https://github.com/plataformatec/devise/wiki/How-To:-Manage-users-through-a-CRUD-interface .

I would like to restrict new registrations using something like in the user manager before_filter :authenticate_admin!

, but for some reason it doesn't restrict new registrations.

My .rb routes looks like this:

devise_for :admins
devise_for :users, :path_prefix => 'd'
resources :admins
resources :users, :controller => "users"

Any ideas why before_filter :authenticate_admin!

not restricting new registrations?

+3


source to share


3 answers


You cannot use before_filter :authenticate_admin!

Users in the controller because Administrator and User are two different models in your application.

I don't know if I fully understand what you mean, but you can do this if you don't want to accept new user (or admin) registrations:



# in your User(Admin) model
devise :registerable # remove :registerable

Hope this helps!

+8


source


I was looking for something similar; completely disabling new registrations. I dug this up on a mailing list somewhere, and while it solved my problem, this might be a decent starting point for you:

class RegistrationsController < Devise::RegistrationsController 
  def new
    flash[:failure] = t('registrations.registrations_disabled')
    redirect_to root_path
  end
end


Possibly something similar, but add a check to see if current_user is an admin and then redirects based on that ...

+2


source


I pondered this for a while and finally came up with this.

There is a helper function for every model created during development

class UsersController < Devise::RegistrationsController

  before_filter :authenticate_admin!

  def new
    if admin_signed_in?
      super
    else
      redirect_to admin_session_path
    end
   end

Hope this helps. It works like a charm :)

+1


source






More articles:


All Articles