I'm pretty new to Rails, but followed the excellent suggestion/walkthrough here. I've gotten the creation of my two user types (Clients and Developers) to work successfully with Devise. However, I also want to allow both user types to edit some of their attributes after they are logged in. These attributes are also specific to their user types (client specific fields or developer specific fields).
To do this, I thought that I needed to create a custom update in user_registrations_controller which inherits from Devise::RegistrationController as would make sense. During my customization however, I realize within update I am unable to call other default methods from Devise::RegistrationController. As a sanity check, I overrode update with an exact copy of the update method as defined in the original Devise::RegistrationController and still had this issue.
More specifically, the error I receive is: undefined local variable or method 'account_update_params' for #<UserRegistrationsController:0x007fe4f0342d58>, despite account_update_params being a method in the inherited controller.
Is there a better way to edit the fields specific to my user types (client/developer) in Devise without having to customize update? Also, what is going on with this error here, as I believe I am inheriting from Devise::RegistrationController?
Any thoughts? Help and suggestions much appreciated! =)
Versions: Rails 3.2.12, ruby 1.9.3p249
After revisiting this, I found this related question. Though this post and top answer is specific to Rails 4, the solution can be found in the Gemfile.
Replace your devise gem include with
gem 'devise', :git => 'git://github.com/plataformatec/devise.git'
Simply doing gem 'devise' does not get this updated version, unfortunately. Hope this helps others!
Related
I need some help with the authorization. So far I was trying to solve it with the internal rails authorization combined with devise.
I have a user who is posting a request. If this request is private only a group of "reader" can see and answer the request. (This is number one)
Then the user give a rating to the answer of the reader. This should be accesible only for the user which received the answer and the "reader" who gave an answer.
So far I was using the following to limit access to the hidden requests:
before_filter :require_reader!, only: [:open_requests]
But if the request is not hidden, than still only the reader should be able to answer the request (but all can see it). Here I do not know how to manage this. Any Ideas?
To continue... I could not manage to solve the second problem (that the rating is seen only be the one who was placing the request and the reader).
Any ideas here?
Is cancancan maybe an option?
Best
witali
What you're doing does not quite follow the 'admin' pattern that's commonly setup with tools like Railsbricks. The 'admin' permissions pattern is typically a whole set of actions/views that are available only to admins, so often the entire Controller, or family of controllers, have the :require_admin! filter applied before every single action and view. Very simple permissions logic, and it depends only on the user and view.
Instead, what you've got is views with permissions that depend on your object's state as well as the user's status and the view. So you're going to have to write your own filter to use instead of using 'require_reader!'.
For example, you might have a RequestsController, and you could add to it:
before_action :must_be_able_to_view_request, except: [:index, :new, :create]
Then define that filter in the controller:
private
def must_be_able_to_view_request
if !current_user.is_reader? && !#request.ispublic
head :forbidden
end
end
If you need to use the same filter in other Controllers, then you can define it in your ApplicationController.
Working with user resources is an essential part of every application an so there it's a task which should be automated as much as possible.
As for Ember I found a tutorial https://github.com/heartsentwined/ember-auth-rails-demo/wiki
which describes how it can communicate with devise-based authentication system. And, wow, it's a hell of a boilerplate:)
Have something changed with new devise for Rails4 or things are the same?
ember-auth dev here.
Edit / Update for googlers: I have now built a rails 4 app, with devise, ember, and ember-auth. Apart from the following two gotchas, everything is working fine.
devise >= 3.1 removed the tokenAuthenticatable module. So I'd declare in my Gemfile:
gem 'devise', '>= 3.0', '< 3.1'
ember-data is drifting away from ActiveModelSerializers, towards json-api. Problem is, json-api itself isn't even stable. The quick and easy fix is to replace DS.RESTAdapter with DS.ActiveModelAdapter, which follows the ActiveModelSerializers conventions. It should "just work".
So, yeah, ember-auth does support rails4, because there is nothing BC-breaking with it per se.
(Previous answer:)
I have no experience with rails 4, but ember-auth itself doesn't rely on rails 3, or in fact rails / devise in particular. The only expectation is a set of API that your server exposes.[1] The docs describe the expectation from the server API.
As for using rails as a backend, ember-data explicitly declares support (and adherence to) active_model_seriailzers, which provides convenience methods for churning out json responses from rails models. However, since authentication actions do not conform to the "standard" RESTful model responses, the ember-auth-rails-demo tutorial itself hand-crafts the expected responses. Example:
def create
# ...
data = {
user_id: resource.id,
auth_token: resource.authentication_token,
}
if params[:remember]
resource.remember_me!
data[:remember_token] = remember_token(resource)
end
render json: data, status: 201
end
So, for rails 4 compatibility, I would investigate more on devise compatibility, any ActiveRecord changes, and in general other gem compatibilities as needed. As for ember-auth, it will still be handcrafting the expected responses, as outlined in the docs.
[1]: Even this expectation would be customizable, by writing customized adapters. Advanced usage, but I can elaborate more on this if needed.
I want to use premailer-rails to generate text part of email automatically.
gem 'hpricot'
gem "premailer-rails"
I'm not getting the text part when I look at the actual email.
It seems as if the gem is not enabled. Any idea why?
If the gem is not working, it may be because you are missing an initializer
Add this code in config/initializers/premailer_rails.rb
Premailer::Rails.config.merge!(preserve_styles: true, remove_ids: true)
Also
If you're using this gem outside of Rails, you'll need to call Premailer::Rails.register_interceptors manually in order for it to work. This is done ideally in some kind of initializer, depending on the framework you're using.
You can find this information on the gem's Github page https://github.com/fphilipe/premailer-rails.
On another note, they also recomend to use nokogiri instead of hpricot, seeing as the latter is no longer mantained.
I'm sharing one database for two web applications. The User model is already being used for one of these apps, so, in order to sign in to the other one, I had to create another model to avoid mixing users info.
I could make Devise work for this new model, called SystemUser. The problem is now I'll have to use every variable with another name. For example: current_system_user, system_user_signed_in?, etc. I'm using these variables, with their original name, across the whole application, and I would like to know if there's a way to avoid overwriting it. For example: by creating a method called current_user that returns current_system_user, and that way with the other variables mentioned before.
I think this should do the trick:
devise_for :users, class_name: 'SystemUser'
have you considered using CanCan for roles?
https://github.com/ryanb/cancan
I could finally solve the issue by generating the Devise views again. I don't know why, but the devise/sessions folder was missing, and it was doing it with another view, and when I started using it, it worked.
Thanks anyway.
I am absolutely new to Ruby on Rails, even to programming at all. I got started with Michael Hartl's Rails Tutorial using Rails 3.0.10. Now I alter its aim towards creating an application that allows users to manage their own "projects". These projects are to be exclusively available to the logged-in user, thus, invisible to others.
My problem is: I am unable to create a page with an URL like "~/users/1/projects", I don't know about the routing. All i get done is "~/projects", which is fairly not what i want at all. So, how do I get this problem fixed? Or am I totally off track with that idea?
I generated a Projects model by scaffolding. So, how can I implement it for the signed-in users?
this would be done by creating a nested resource. when you are new to rails and programming you should work yourself a way through a lot of tutorials and guides.
a good place to get an overview are the official rails guides. in this specific case the chapter about routing: http://guides.rubyonrails.org/routing.html#nested-resources
# config/routes.rb
resources :users do
resources :projects
end