Good afternoon. I'm a beginner in Rails and I'm starting this project in college and I need some help. I have users that don't need sign up. I will create all the users. Then, I decided to use the gem ActiveAdmin, and I can add the users through the graphic interface. I thought it would be easy but, after finish the installation, I tried to add some user and I've got a surprise:
I have all those fields created by devise to edit.
http://i.stack.imgur.com/yAK1h.png
I wanna know if there is a way that I can edit only the fields created by me, and those other fields automatically fill, like if I'm creating a new user with devise.
P.S: I wanna just lines to follow, not the entire resolution. I'm really lost rs.
Yes, you can set which inputs you want to appear in your form:
ActiveAdmin.register AdminUser do
form do |f|
f.inputs do
f.input :email
f.input :password
end
f.actions
end
end
The rest of the inputs will be filled by Devise.
Docs for ActiveAdmin form: https://github.com/gregbell/active_admin/blob/master/docs/5-forms.md
Related
I'm currently changing around how my ActiveAdmin interface works so that it integrates both attr_accessible items and CanCan. In some of my models I have a specific controller action for the Submit button on the form such as
= f.actions do
= f.action :submit, label: 'Update Password'
And in that Update Password method I am able to do the update_attributes(*,as: #admin_user.role.name.to_sym) where #admin_user is the current admin user. This allows only admin users with the permitted role to update their password.
The problem I have is when ActiveAdmin is doing the generic update, specifically
=f.action :submit
How can I pass options to ActiveAdmin so that when it does the update it will use the specified role? I know that the buttons use Formtasti, and that the :label method is part of that, but I can't seem to find anything about using passing other options.
One option for me is to write an override for the edit method in each of my models, but that kinda defeats the purpose of ActiveAdmin, doesn't it?
Now, my CanCan abilities already have been set so that only certain roles can access certain items. Does this override the attr_accessible items? I know that if the item is not attr_accessible, even if it's manageable in CanCan, will not change via mass-assignment.
What I really need to know is that if I were a hacker, could I inject an update_attributes(params[:whatever], as: :admin) and it would block it because of CanCan's Ability? Is it worth it to have both the item be protected via attr_accessibleand CanCan's Ability class?
ActiveAdmin and SimpleForm do not support the as: [role] feature which I was trying to work with. However, this isn't a problem with strong_parameters in Rails 4 since it's a completely different way of handling mass-assignment.
Also, CanCan does block out any mass-assignment hacks since you can't mass-assign unless you have access to the form, and if you don't have explicit :edit, :update, or :manage permission then you don't have access to the form.
I'm sure this is pretty basic, but I'm somewhat new to rails and struggling to find a solution via search.
I'm implementing a message model to enable private messaging on a forum. I have the models resource nested within a users resource.
Currently the model works, but I want to enable a user to reply to a private message directly on the message show page. I.e users/1/messages/16 instead of users/1/messages/new. Currently this is the default route for 'update' within the MessagesController. Is there anyway to make the form on this page hit the 'create' action within the controller, instead of the 'update'?
Thanks.
Sure, I would try something like this:
On your show page just add a new form.
<%= form_for :message, :url => new_user_message_path do |f| %>
...
<% end %>
You can check the routes of your application using this command:
bundle exec rake routes
I suggest you to read the rails guide: http://guides.rubyonrails.org/
I've been starting to use simple_form in my rails application, which is quite nice. But I was not able to find a function which allows me to rename a field, without the use of i18n.
I have a radio button in my formular, which allows to choose the delivery type. Controlled by that a few fields need a different naming (but its still the same field with the same information).
(e.g. there's a delivery note which is called weight note or notification depending on the delivery type, but contains the same information).
I checked the readme, the railscast and searched a lot but didn't find a build-in way to do that. One option of course would be to create a special locales file just for that, but that feels a little over the top.
I found my answer in a different question regarding simple_form. After looking for that part in the readme, I also found it there.
<%= simple_form_for #user do |f| %>
<%= f.input :username, :label => 'Whatever name you want..' %>
<% end %>
This also overwrites the name given in the i18n file.
I'm trying to use the authlogic-connect plugin to add oauth support to my web app but I'm getting the error:
unknown attribute: oauth_provider
when UsersController#create is called. It is failing when I try to create a new user from the parameters that are being passed in:
#user = User.new(params[:user])
Sure enough, the parameters include this attribute:
Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"lHX2BTFTd5xITTfY/X8A9R3vca3YaRuHFoWdqy8ZPik=",
"user"=>{"oauth_provider"=>"linkedin"},
"commit"=>"LinkIn"}
From the documentation, I assumed that this was what you are supposed to do:
Second, if you are using Oauth, you must include an input with name oauth_provider
and value twitter or whatever other provider you might want (see example apps for
dynamic example).
Any ideas on how this is supposed to work? All of the example forms are in yaml - which I don't know - and I'm trying to create this from using embedded ruby code. Here's the form that I'm using:
<!-- authlogic-connect hack -->
<%= form_for #user do |f| %>
<%= f.radio_button(:oauth_provider, "linkedin") %>
<%= f.label(:oauth_provider_linkedin, "Link In Fool") %>
<%= f.submit :value => "LinkIn" %>
<% end %>
As Dimitry pointed out, the best answer to this question is to use devise + omniauth instead of trying to get authlogic to work. Authlogic simply doesn't support rails3. I spent at least a week trying to get authlogic to work the way I wanted and I never solved the problem. I then spent a few hours getting devise + omniauth to do exactly what I want (i.e. you can create an account with LinkedIn or on the sight and you can associate them together so that you can login with LinkedIn or with email and password to the same account).
Hey,
I'm pretty new to rails and for learning effect, I try to implement my own authorization system.
Right now I'm having a Page Controller to control some static pages and nothing more, and a Session Controller where I plan to implement most of the authorization process.
My problem is, I have no clue how to get my partial to use the sessions-controller, when I add it to one of the static pages controlled by the pages controller.
It stated out with this http://ruby.railstutorial.org/chapters/sign-in-sign-out#top but i don't want it on an extra page.
so I tried setting the routes and I got an exception "no path found for '/'" as soon as I deleted "resources :sessions" it worked fine again.
my partial looks like this:
<%= form_for(User.new) do |f| %>
<%= f.submit "Login" %>
<% end %>
there's also a div class="action" block around the submit but can't find out how to escape it
this is included into my home via
<%= render 'sessions/new' %>
Thanks for your help
edit my solution:
I added to routes.rb:
resources :sessions
Furthermore I changed form_for(#user) to
<%= form_for(:session, url => sessions_path)
so this works.
I Highly recommed that you look at the railscast http://railscasts.com/episodes/250-authentication-from-scratch , it will give you an idea how to create authentication without forgetting some important steps.
Then you can use the gem devise which is an excellent authentication gem.
Have you tried putting your functions and everything for authentication within a Session Helpers file? Then, in your Application Controller if you add "include SessionsHelper" this should give you access to all the helper functions from Session that you should need