I guess the title is self explanatory…how do I make only authenticated users to create a user with devise?
when I try to add a new one (when authenticated), devise says that I’m alreade authenticated
any workaround for this?
thanks a lot
edit: as requested, my code
user form
<% if @user == current_user %>
<i class="icon-info-sign"> </i><i>Após alterar seus dados, você terá de fazer login novamente</i>
<% end %>
<%= form_for(@user, :html => { :class => "well form-horizontal"}) do |f| %>
<% if @user.errors.any? %>
<div class="alert alert-error">
<h2><%= pluralize(@user.errors.count, "erro") %>
<% if @user.errors.count == 1 %> impede
<% else %>
impedem
<% end %>
a continuação:</h2>
<ul>
<% @user.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<label>Nome</label><%= f.text_field :nome %>
<label>E-mail</label><%= f.email_field :email %>
<% if @user == current_user or @user.created_at == nil%>
<label>Senha</label><%= f.password_field :password %>
<% end %>
<div>
<br />
<button class="btn" type="submit">
Salvar alterações
</button>
</div>
<% end %>
part of users controller
before_filter :authenticate_user!
def index
@users = User.all
respond_to do |format|
format.html # index.html.erb
format.json { render json: @users }
end
end
# GET /users/1
# GET /users/1.json
def show
@user = User.find(params[:id])
respond_to do |format|
format.html # show.html.erb
format.json { render json: @user }
end
end
# GET /users/new
# GET /users/new.json
def new
@user = User.new
respond_to do |format|
format.html # new.html.erb
format.json { render json: @user }
end
end
# GET /users/1/edit
def edit
@user = User.find(params[:id])
end
# POST /users
# POST /users.json
def create
@user = User.new(params[:user])
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render json: @user, status: :created, location: @user }
else
format.html { render action: "new" }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
# PUT /users/1
# PUT /users/1.json
def update
@user = User.find(params[:id])
respond_to do |format|
if @user.update_attributes(params[:user])
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: "edit" }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
application controller
class ApplicationController < ActionController::Base
protect_from_forgery
def after_sign_in_path_for(resource)
return request.env['omniauth.origin'] || stored_location_for(resource) || painel_path
end
end
part of routes
App::Application.routes.draw do
resources :acampantes
devise_for :users, :skip => [:registrations]
resources :profiles
resources :eventos do
resources :acampantes
end
# aqui tem um has_many, mas não precisa de nested routes
resources :noticias
resources :users#, :as => "usuarios"
The ideal way to do it would be to override
registrations_controller.rb(as shown here) and skipping the before_filter check for thenewandcreateaction. I tried to do it myself, but unfortunately, I couldn’t get it right.Another way to do it, which worked for me, would be to create a separate User controller aside from the Registrations controller provided by Devise:
Then make a form for the new action:
The problem with this approach is that the routes provided by Devise for signing-up still exists. A solution for that would be to prevent Devise from generating routes involving registration:
This means that you are going to ignore the Registrations module completely and make your own. I got this idea from the Bare-bone, stripped-down Devise tutorial. Take note that you should make the controller actions and views to replace the ones provided by the registrations module of Devise. This includes
new,edit,create,update, anddestroy.