Admin user management with Devise

Posted on 2024-11-15 01:17:57

I am trying out Devise for the first time. One of the things that I wanted to do is provide an interface for Admin users to create, find and edit users. Here's where I may have gone wrong.

I created a PeopleController class which inherits from ApplicationController that lists people and provides methods and views for creating and updating users. Everything works fine with one exception. When the admin user updates their own record, the session is cleared and they have to log in again after saving it.

In this application I'm not using the registerable module. Only an admin user can create new users. What is the right way in Devise to provide user management tools? Creating my own controller seems to have been the wrong path to take.

Thanks in advance for your help.


Comments (2)

剩余の解释 2024-11-22 01:17:57

Thank you very much for the help. This is essentially exactly what I am doing. I discovered a clue that helped me solve the problem of the user's session being cleared when they edit their own record in this wiki:

https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-edit-their-account-without-providing-a-password

This is the line I needed:

sign_in resource_name, resource, :bypass => true

This method is located in Devise::Controllers::Helpers so I did this in my controller.

class PeopleController < ApplicationController
  include Devise::Controllers::Helpers
  # ... actions such as update go here ...
end

Then in my update method I call it only if the current_user.id equals the id that is being edited:

def update
  @person = User.find(params[:id])
  if @person.update_attributes(params[:user])
    # Re-establish the session only when the signed-in user edited their own record
    sign_in @person, :bypass => true if current_user.id == @person.id
    redirect_to person_path(@person), :notice => "Successfully updated user."
  else
    render :action => 'edit'
  end
end

Now if the current user edits their own record, the session is restored after it is saved.

Thanks again for your responses.
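
Why the self-edit ends the session and what the bypass sign-in restores, as an added Ruby sketch that is not code from the post or from Devise: it models Devise's session check, which stores a salt derived from the password hash at sign-in and compares it on later requests. `DemoUser`, `USERS`, `demo` and the PBKDF2 stand-in for the stored hash are assumptions made for the sketch, and it assumes the update changed the password.

```ruby
require "openssl"
require "securerandom"

# Constructed stand-in for a Devise-backed user; not Devise's own code.
class DemoUser
  attr_reader :id, :encrypted_password
  def initialize(id, password)
    @id = id
    self.password = password
  end

  # PBKDF2 with a fresh salt stands in for the bcrypt hash a real app stores.
  def password=(new_password)
    salt = SecureRandom.hex(16)
    key = OpenSSL::KDF.pbkdf2_hmac(new_password, salt: salt, iterations: 10_000, length: 32, hash: "sha256")
    @encrypted_password = "#{salt}$#{key.unpack1('H*')}"
  end

  # Prefix of the stored hash, so it changes whenever the password changes.
  def authenticatable_salt
    encrypted_password[0, 29]
  end
end

USERS = {} # constructed user table, keyed by id
def sign_in(session, user)
  session[:user] = [user.id, user.authenticatable_salt]
end

# Per-request lookup: the session counts only while the salt still matches.
def current_user(session)
  id, salt = session[:user]
  user = USERS[id]
  user if user && user.authenticatable_salt == salt
end

def demo
  admin = USERS[1] = DemoUser.new(1, "constructed-old-password")
  client = USERS[2] = DemoUser.new(2, "constructed-client-password")
  browser, second_device = {}, {} # two sessions of the same admin account
  [browser, second_device].each { |s| sign_in(s, admin) }
  client.password = "constructed-new-client-password"
  edited_other = !current_user(browser).nil?
  admin.password = "constructed-new-admin-password"
  edited_self = !current_user(browser).nil?
  sign_in(browser, admin) # the effect of sign_in @person, :bypass => true
  { edited_other: edited_other, edited_self: edited_self, after_resign_in: !current_user(browser).nil?,
    second_device: !current_user(second_device).nil? }
end
```

Only the session that signs in again is restored; any other session of the same account stays invalid after the password change. Newer Devise releases expose the same operation as `bypass_sign_in(user)`.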

茶底世界 2024-11-22 01:17:57

This is how I manage users in one of my apps. I have only one User class generated with

rails g devise User

to which I added a role column with this migration:

class AddRoleToUser < ActiveRecord::Migration
  def change
    add_column :users, :role, :string, :default => "client"
  end
end

and my User model:

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable, :lockable and :timeoutable
  devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation, :remember_me

  def admin?
    self.role == "admin"
  end
end

Then to create new users all you would have to do is provide a custom method in a controller (maybe even subclass Devise::RegistrationsController) like this:

# some_controller.rb
def custom_create_user
  if current_user.admin?
    # Only admins reach this branch; everyone else is redirected below
    User.create(:email => params[:email], :password => params[:password])
    redirect_to(some_path, :notice => 'successfully updated user.')
  else
    redirect_to(some_other_path, :notice => 'You are not authorized to do this.')
  end
end
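
The role check above depends on `:role` staying out of the `attr_accessible` list, so submitted form parameters can never set it. This added Ruby sketch (not the answerer's code, and runnable without Rails) models that whitelist together with a creation guard that also handles a missing signed-in user; `DemoAccount`, `promote!` and `admin_create` are hypothetical names.

```ruby
# Constructed stand-in for the answer's User model; runs without Rails.
class DemoAccount
  # Same whitelist as the answer's attr_accessible line: :role is absent.
  ACCESSIBLE = %i[email password password_confirmation remember_me].freeze
  attr_reader :email, :role

  def initialize(attrs = {})
    @role = "client" # column default from the migration
    assign(attrs)
  end

  # Models mass assignment: keys outside the whitelist are dropped.
  def assign(attrs)
    attrs.each do |key, value|
      instance_variable_set("@#{key}", value) if ACCESSIBLE.include?(key.to_sym)
    end
    self
  end

  def admin?
    role == "admin"
  end

  # Role changes happen only through an explicit server-side call.
  def promote!
    @role = "admin"
    self
  end
end

# Hypothetical guard around creation; returns [status, account].
def admin_create(actor, params)
  return [:unauthenticated, nil] if actor.nil?
  return [:forbidden, nil] unless actor.admin?
  return [:invalid, nil] if params[:email].to_s.empty? || params[:password].to_s.empty?
  [:created, DemoAccount.new(params)]
end
```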