Rails Devise: How will the Admin be able to Edit other users?
Question
I saw this Rails Devise: How to access sign up page after signed in? and it worked. Now I want to know how to allow Admin to edit some Users. Any inputs? Thank you in advance!
UPDATE:
I didn't create any models for the admin since I migrated an admin:boolean inside the User model. And no need for cancancan. See how I use the admin:
<% if current_user.admin? %>
<!-- do something only the admin is allowed to do-->
<% else %>
<!-- do something by user that can also be done by the admin-->
<% end %>
1 answers
solution1
2 2014-09-29 07:20:36
You have to divide two concepts: auhtentication and authorization. Authentication is when your app tells: "Oh, I know this user, I've seen him before, because I know his email. It was here, somewhere in my User table in the db". Authorization is to give your user rights to do something or deny access on some action.
Devise - is a great gem for authentication (registering users, sign_in/sign/out, sessions, passwords and so on). Devise has no authorizational features.
So, you have two ways: 1) code authorization system by yourself, or 2) use the authorizational gems. Here are great gem for authorization that fit with Devise very well: Cancan and tutorial from it's author.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.