如何在不使用Ruby on Rails的设计的情况下添加新的管理员用户

Question

I am new in Ruby on Rails and I am using Ruby 1.9.3 andRails 4.0.2.

How can I add a new admin user without using of devise?

I am using below code and submit add new user form with data admin_user_params returns a blank and a blank record is inserted in database.

This my user db table

create_table :users do |t|
  t.integer :role_id
  t.string :name
  t.string :email
  t.string :username
  t.string :encrypted_password
  t.string :reset_password_token
  t.string :is_status
  t.string :is_active
  t.integer :sign_in_count
  t.string :current_sign_in_ip
  t.string :last_sign_in_ip
  t.string :authentication_token
  t.datetime :reset_password_sent_at
  t.datetime :remember_created_at
  t.datetime :current_sign_in_at
  t.datetime :last_sign_in_at

this is my controller

class Admin::UsersController < ApplicationController

  before_action :set_admin_user, only: [:show, :edit, :update, :destroy]

  def new
    @admin_user = User.new
  end



 def create
    #@admin_user = Admin::User.new(admin_user_params)
    @admin_user = User.new(admin_user_params)

    respond_to do |format|
      if @admin_user.save
        format.html { redirect_to @admin_user, notice: 'User was successfully created.' }
        format.json { render action: 'show', status: :created, location: @admin_user }
      else
        format.html { render action: 'new' }
        format.json { render json: @admin_user.errors, status: :unprocessable_entity }
      end
    end
  end
end 

* This is my User Model *

Note:

I don't want to create admin_user model. I want to using only User model for admin area and fronted area.

class User < ActiveRecord::Base

  #Setup accessible (or protected) attributes for your model
  attr_accessible :name, :username, :role_id, :email, :password, :password_confirmation, :remember_me, :id, :admin_permission
  attr_accessor :password, :new_password, :previous_email, :previous_username, :remember_me

  belongs_to :role

  def super_admin?
   self.role.name == "Super Admin"
  end
end

This is my View

<%= form_for [:admin,@admin_user]  do |f| %>
  <% if @admin_user.errors.any? %>
    <div id="error_explanation">
      <h2><%= pluralize(@admin_user.errors.count, "error") %> prohibited this admin_user from being saved:</h2>

      <ul>
      <% @admin_user.errors.full_messages.each do |msg| %>
        <li><%= msg %></li>
      <% end %>
      </ul>
    </div>
  <% end %>

  <div class="field">
    <%= f.label :Name %><br>
    <%= f.text_field :name %>
  </div>
  <div class="field">
    <%= f.label :Email %><br>
    <%= f.text_field :email %>
  </div>
  <div class="field">
    <%= f.label :Username %><br>
    <%= f.text_field :username %>
  </div>
  <div class="field">
    <%= f.label :Password %><br>
    <%= f.text_field :encrypted_password %>
  </div>
  <div class="actions">
    <p><%= f.submit 'Sign up'  %></p>
  </div>
 <% end %> 

Please Help.

Answer 1

I think the easiest way to add admin user functionality is to add a boolean admin row to your users table.

Then, in your controllers, you can control access to specific actions with a before_action that ensures the user is an admin, or else redirects to root_url (or wherever).

You can also selectively view elements in your views by calling User#admin? in a conditional.

Not sure if that meets your needs, but I hope it helps.

Answer 2

A nice flexible way to do this would be to use Rolify + Authority . This will allow you to assign admin roles to users in addition to other roles. From there you can control access to specific methods based on those roles.

The roles are applied to the users by associations, so you can ask questions like

@user.has_role? :admin  

This can be scoped globally, to models or to instances of models. Fine grain control while being easy to use.