I have a user registration page and will send the information to couple of admin users that one new user registered in the site.
Now, I created the seed data with list of users (200+). So, It'll send the 200+ email to the respective admin users. Hence, I want to stop send the mail confirmation to admin users when creating new user.
For Devise, add user.skip_confirmation! before saving.
user = User.new(
:email => 'person#example.com',
:password => 'password1',
:password_confirmation => 'password1'
)
user.skip_confirmation!
user.save!
Cite: https://github.com/plataformatec/devise/pull/2296
Another option is to do something like
user = User.new.tap do |u|
u.email = 'email#server.com'
u.password = 'hackme!'
u.password_confirmation = 'hackme!'
u.skip_confirmation!
u.save!
end
In that way, you instantiate the object, skip the confirmation and save it in one step and return it to the user variable.
It's just another way to do the same in one step.
Related
I'm trying to create admin roles that can go in and change other users information. I've already got everything set up pretty much except that I can't get the edit method to select the correct user to update.
Looking in the devise code, it looks like I need to update the resource to be the user of the profile that's being selected instead of the current user (which would be the admin).
How do I go about updating the resource that is sent into the devise edit view and update action? It looks like it might have something to do with this
def authenticate_scope!
send(:"authenticate_#{resource_name}!", :force => true)
self.resource = send(:"current_#{resource_name}")
end
So for example, what I want to do is
def update_resource
self.resource = User.find(params[:id])
end
Is this possible?
I'm sending around 100 emails at a time using the following mailer in my Rails 3 application:
def new_resource_notification(resource, user)
#resource = resource
#user = user
mails = User.where(:email_subscribe => true).map(&:email)
mail(:to => "admin#domain.com", :bcc => mails, :subject => "New item added")
end
When I look at the outgoing email logs it's sending each email to admin#domain.com and adding all users to the bcc field as expected.
What I would prefer, if possible, is for each email to be sent to the users email without any bcc entries.
Is this possible and/or recommended?
Yes, it is possible, but you will have to do a loop, which will send single e-mail to each user. It will take much more rescources and will be slower; that's why lots of mailers do "BCC method" rather than send single emails.
I have a Rails app where I am using Devise for authentication. Devise lets users click to get an email containing a link to reset their password.
My problem is that the email field is not required in the table "user". There's a login field to authenticate, that is sincronized from another system. I can't set email to required.
I want to verify the email field and return a custom message to the user, if the email is not set. If it is, then Devise will continue and reset the password.
I saw in another post, that I have to override the method "email_required?" in the user model, but I still get the error message "Email cant be blank".
def email_required?
false
end
In your user model you should probably have some kind of validation for email like so
validates_presence_of :email
Also if you wanted to migrate the database to have email as not null it would be like so
change_column :users, :email, :string, :null => false
I have set up a test applications and have setup devise to take care of the authentication, additionally I have set up a component where they are sent to a create profile page after registration which works well.
The problem I have is when a logged in user goes to edit they're profile it is easy for then to change the query string and access another users data -
http://localhost:3000/profiles/1/edit
the question i have is how do I lock this down to the current user so that can only edit they're data?
Robbie
I would go for a before_filter.
# in profiles controller
class ProfilesController < ApplicationController
before_filter :find_profile
before_filter :check_if_authorized
def find_profile
#profile = Profile.find(params[:id])
end
def check_if_authorized
render :status => 404 and return unless current_user == #profile.user
end
end
Assumptions:
devise model is named User
user has one profile
you're already checking if a user is logged in
You can use token authentication along with session for more precise and secure authentication.
Add devise :token_authenticatable to the model User
This will create an authentication token into the field authentication_token field of users table every time a user is created.
Then go for a before_filter :verify_auth_token
def verify_auth_token
if current_user.authentication_token == params[:auth_token]
return true
else
return false
end
end
Also the edit request should be http:///profiles/1/edit?auth_token=12wqaasaeaad
I made authentication in my Rails 3 app fallowed by Tony's tutorial
I don't want public registrations on my app, just to create new users with Admin account, but I can't create Admin account manually, because in table Users there is encrypted password and salt that must to be generated, and I don't know how :|
You can do it from the rails console. From the command line goto the directory of your rails application and type rails console. Then enter the following code to create a user:
user=User.create!(:email=>'test#test.com',:username=>'test',:password=>'password')
This will create a user object (assuming your devise resource is called User). Now you can use the user object that you just created to set admin privileges.
I am current something like this (your details may be different) in my seeds.rb file to create my admin user for Devise.
User.new({ :email => 'admin#example.com', :password => 'password', :password_confirmation => 'password'}).save
You can execute it using rake db:seed in the terminal window.
In addition, if you are using confirmable and want to skip the requirement for a confirmation email when creating new accounts you can do something like this:
newuser = User.new({ :email => 'admin#example.com',
:password => 'password',
:password_confirmation => 'password'})
newuser.skip_confirmation!
newuser.save
This is useful if the accounts you are creating are for trusted users or if you are creating test accounts.