Devise: how can I access the helper methods in all my controllers - ruby-on-rails-3

I'm trying to implement a devise sign in form in my nav bar header(twitter bootstrap), but it just tells me that resource isn't a defined method.
Do I need to somehow inherit the devise helper methods to achieve this?

When it comes to creating a custom sign in page, it doesn't have anything to do with your controller, it has to do with accessing things in your view, through the helper of helper methods. You want to add them to your application_helper.rb file. There is an overview of the method here:
https://github.com/plataformatec/devise/wiki/How-To:-Display-a-custom-sign_in-form-anywhere-in-your-app
In a nutshell, you basically want to add this to yours application_helper.rb
def resource_name
:user
end
def resource
#resource ||= User.new
end
def devise_mapping
#devise_mapping ||= Devise.mappings[:user]
end
I have used this a bunch of times in all my projects to make custom sign in forms in the navbar when I use twitter bootstrap. It works great and doesn't require you to change any other code anywhere else.

Related

Using the ActiveAdmin Submit button in relation to attr_accessible

I'm currently changing around how my ActiveAdmin interface works so that it integrates both attr_accessible items and CanCan. In some of my models I have a specific controller action for the Submit button on the form such as
= f.actions do
= f.action :submit, label: 'Update Password'
And in that Update Password method I am able to do the update_attributes(*,as: #admin_user.role.name.to_sym) where #admin_user is the current admin user. This allows only admin users with the permitted role to update their password.
The problem I have is when ActiveAdmin is doing the generic update, specifically
=f.action :submit
How can I pass options to ActiveAdmin so that when it does the update it will use the specified role? I know that the buttons use Formtasti, and that the :label method is part of that, but I can't seem to find anything about using passing other options.
One option for me is to write an override for the edit method in each of my models, but that kinda defeats the purpose of ActiveAdmin, doesn't it?
Now, my CanCan abilities already have been set so that only certain roles can access certain items. Does this override the attr_accessible items? I know that if the item is not attr_accessible, even if it's manageable in CanCan, will not change via mass-assignment.
What I really need to know is that if I were a hacker, could I inject an update_attributes(params[:whatever], as: :admin) and it would block it because of CanCan's Ability? Is it worth it to have both the item be protected via attr_accessibleand CanCan's Ability class?
ActiveAdmin and SimpleForm do not support the as: [role] feature which I was trying to work with. However, this isn't a problem with strong_parameters in Rails 4 since it's a completely different way of handling mass-assignment.
Also, CanCan does block out any mass-assignment hacks since you can't mass-assign unless you have access to the form, and if you don't have explicit :edit, :update, or :manage permission then you don't have access to the form.

Devise: Load a partial instead of showing a notice for non confirmed members

Is there a way to load a view for no confirmed users that login?
Default behaviour is to show a notice: " You have to confirm your account before continuing."
I tried
overrule the sessions#create method of devise checking for current_user.confirmed_at.blank?
in the after_singin_path check for current_user.confirmed_at.blank? and render the view instead
My goal is to render a custom view instead of the notice but cannot hook into the right location. Who knows how to accomplish this? thx!
You can simply copy the code from the devise github and place in your controllers/devise. then change any action or method you want to.
You may also just extend the devise session controller and override any action you want to.
class Abc < Devise::SessionsController
# this just reopens the class.
# Remember classes are never "closed" in ruby!
end
I like the ruby way of solving this, I guess that in your UsersController after a POST request the user will be returned and signed in using the sign_in(Object) helper Devise provides.
Also I suggest using a confirmed boolean instead of timestamp.
Why not check for the value using an if else statement the ruby way:
user.confirmed ? sign_in(user) : render :partial => 'path/partial'
Hope this might help you out

Isolated engine (doorkeeper) - use helper methods from the main_app

I want my doorkeeper views to use the application layout:
https://github.com/applicake/doorkeeper/wiki/Customizing-views
This contains routes and helper methods from the main application.
For the routes, I can prefix main_app to the path but for the helper method I get the following error:
undefined method `is_active?' for #<ActionDispatch::Routing::RoutesProxy:0xade808c>
<li class="<%= main_app.is_active?("high_voltage/pages", "api") %>"><%= link_to t('developers'), page_path('api') %></li>
Why is this? The helper is in app/helpers/application_helper.rb
If you generated the views and they are placed in app/views/doorkeeper/** then the engine still uses doorkeeper controllers.
To fix this, you have to include your helper(s) into the engine's ApplicationController. Let's say you have something like this:
app/helpers/application_helper.rb
module ApplicationHelper
def my_helper
"hello"
end
end
app/views/doorkeeper/applications/index.html.erb
<p>
<%= my_helper %>
</p>
This won't work until you include your application helpers into doorkeeper controllers. So in config/application.rb:
class YourApp::Application < Rails::Application
config.to_prepare do
# include only the ApplicationHelper module
Doorkeeper::ApplicationController.helper ApplicationHelper
# include all helpers from your application
Doorkeeper::ApplicationController.helper YourApp::Application.helpers
end
end
this is similar configuration when you want to customize the layout.
A helper method in application_helper.rb would not be a method for main_app.
The main_app variable is an object with a class/module of ActionDispatch::Routing::RoutesProxy.
main_app is a helper that gives you access to your application routes. main_app.page_path('api'), for example.
I'm assuming, with doorkeeper, you need to access the path you want; main_app.highvoltage_page_path('api').some_doorkeeper_active_method
This should hopefully, at least, send you in the right direction, see also:
http://edgeapi.rubyonrails.org/classes/Rails/Engine.html#label-Using+Engine%27s+routes+outside+Engine
Good luck.
Well, this question is very old, but I ran into exactly the same problem, and I have a solution. The one requested on Felipe Elias Philipp's answer.
You need to do a little "overwrite". Copy the doorkeepers' engine application_controller.rb file to your app into app/doorkeeper/. Then just change
module Doorkeeper
class ApplicationController < ActionController::Base
to
module Doorkeeper
class ApplicationController < ::ApplicationController
Which now makes doorkeeper use your ApplicationController which probably will have all the methods you need. Together with https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-views everything works splendidly.

Customizing devise layouts for registrations vs. passwords

I have an application that uses devise for authentication. I am trying to customize the layouts for the devise controller, and I was able to do some of this by following the answers to another question here on Stack Overflow. However, I can't find anything about how to distinguish between the devise/passwords and devise/registrations controller. I am using the following code:
def layout_by_resource
if devise_controller?
if action_name == "edit" or action_name == "update"
"application"
else
"sessions"
end
else
"application"
end
end
The problem is that when a user tries to re-set their password, it's trying to use the application layout (since the action is edit). I need it to use the sessions layout. Can anyone help me figure out how to make that happen?
You should look at this response on different layout for sign_in action in devise, which highlights the Devise docs on How To Create Custom Layouts

RJS with Devise gem

What would be the proper way to set Devise gem (ruby on rails v3) in RJS style (example: http://railscasts.com/episodes/43-ajax-with-rjs)?
I usually create a create.js.erb file with alert(#error). When using devise I don't know how to properly get #error value. I would like to display all messages as javascript alerts.
I think, to achieve this you will need to write your own controllers (inherited from devise) and views. And then add respond_to :html, :js to this controllers. After this, controllers will be able to respond to javascript requests and you can manage your alerts.Read doc for how to create custom Devise views here: Devise