Eri*_*oss 8 ruby-on-rails devise
我正在努力使它只有管理员可以添加设计使用.我已经得到它主要工作但是现在当我以管理员身份登录并提交注册表单时,它将错误地踢回来:You are already signed in.
我试过按照这里的说明:http://wiki.summercode.com/rails_authentication_with_devise_and_cancan但似乎没有提到这种情况.
我是否需要进一步覆盖editors_controller才允许这样做?
这是我的路线("编辑"是我的用户模型的名称):
devise_for :admins, :skip => [:registrations]
as :admin do
get 'admin/editors' => 'editors#index', as: :admin_editors
get 'admin/editors/new' => 'editors#new', as: :new_editor
delete 'admin/editors/:id' => 'editors#destroy', as: :destroy_editor
end
devise_for :editors, :skip => [:registrations], :controllers => { :registrations => "editors" }
和我editors_controller的"app/controllers /"
class EditorsController < Devise::RegistrationsController
before_filter :check_permissions, :only => [:new, :create, :cancel]
skip_before_filter :require_no_authentication
def dashboard
render "editors/dashboard.html.haml"
end
def index
@editors = Editor.all
respond_to do |format|
format.html
end
end
private
def check_permissions
authorize! :create, resource
end
end
编辑
我Processing by Devise::RegistrationsController#create as HTML在提交表单时在日志中注意到了这一点.我曾怀疑也许skip_before_filter :require_no_authentication没有被调用,但是假设因为在过滤器之前EditorsController继承了RegistrationController它会正常工作.那不是这样吗?
您需要实现自己的create方法,EditorsController而不是从中继承该操作Devise::RegistrationsController.正如您所看到的,该方法Devise::RegistrationsController将首先检查您是否已经登录并且如果您已经将其踢回去.如果您尚未登录,则会创建一个User帐户,然后以该用户身份登录.
你试图避开这一问题skip_before_filter :require_no_authentication,但很可能是你的表格是POST荷兰国际集团,以/editors代替/admin/editors.所以,你需要添加,让你去的路线create上EditorsController:
as :admin do
post 'admin/editors' => 'editors#create'
# your other :admin routes here
end
然后你想要实现缩小版的create.你可能想要这样的东西:
class EditorsController < Devise::RegistrationsController
def create
build_resource(sign_up_params)
if resource.save
redirect_to admin_editors_path
else
clean_up_passwords resource
respond_with resource
end
end
# your other methods here
end
您还需要确保admin/editors/new模板将表单指向正确的路径('admin/editors').