I am trying to build an application with devise and where there will be more than one role.
Such has user/admin. If i understand properly the documentation the way devise works and you build a new model/controller called user for one role and a new model/controller for admin. Which his fairly simple however here the issue i have
route.rb I have the following
devise_for :admins
devise_for :customers
resources :events
root :to => 'events#index'
In the controller I however place this
before_filter :authenticate_customer!
I also try has follow
before_filter :authenticate_customer! || :authenticate_admin!
But both technics still redirect me to the sign in page if I login has an admin. What should I do both to talk, unless i create two different website which then turn out to be useless.
Here are also a few more questions. When i go into edit it ask me for current_password, how can i remove this feature?
Is there also a way for me to stop member or registering ( aka admin)
Thanks in advanced.
I’m making an app right now that also has multiple roles (admin, student, teacher, etc). You need to realize that Devise is an authentication solution, it authenticates that a user is real. For role-based permissions, you need an authorization solution, which authorizes a user to do some action. Devise has support for an admin role, but for more than that, you’ll want an authorization solution.
Cancan is the gem I’d suggest for that. I used this tutorial when I was setting it up for my app. There’s also a part 2 to the tutorial that you might find interesting. It not too hard to setup either (I’m just learning Rails myself since about 8 months ago).