Ruby on Rails Devise添加管理员
[英]Ruby on Rails Devise Adding Admin
问题描述
I am trying to create a site that has 1 Admin and many users. 
我正在尝试创建一个具有1个Admin和许多用户的站点。 The Admin has control over all of the users. 管理员可以控制所有用户。
I am using: 我在用:
- Rails 4.0 -Rails 4.0
- Devise 3.2 -设计3.2
- Sqlite3 -SQLite3
I have generated a user model and followed instructions for adding an attribute to the user model using option 2. https://github.com/plataformatec/devise/wiki/How-To:-Add-an-Admin-role 我已经生成了一个用户模型,并按照说明使用选项2将属性添加到该用户模型中。https://github.com/plataformatec/devise/wiki/How-To: -Add-an-Admin- role
In the database it sets a boolean value for admin to false. 在数据库中,它将admin的布尔值设置为false。 Is it secure to allow admin control from the database? 允许从数据库进行管理员控制是否安全?
I am curious because the password is not stored in the database, but instead an encrypted string is stored. 我很好奇,因为密码未存储在数据库中,而是存储了加密的字符串。
Is there another way to create an admin? 还有另一种创建管理员的方法吗? I attempted to follow option 1 but it has given me a lot of trouble. 我尝试遵循选项1,但这给我带来了很多麻烦。
1 个解决方案
解决方案1
0 已采纳 2013-11-18 05:33:35
I found the question has already been asked in a different way 我发现问题已经以其他方式提出
Rails Devise - Admin role, model vs attribute Rails Devise-管理员角色,模型与属性
Option 1 is more secure and with option 2 anyone can add a parameter saying admin=true. 选项1更安全,使用选项2,任何人都可以添加参数admin = true。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.