0

我想标题是不言自明的......我如何只让经过身份验证的用户来创建具有设计的用户?
当我尝试添加一个新的(经过身份验证时)时,设计说我已经通过了
任何解决方法的身份验证?
多谢

编辑:根据要求,我的代码

用户表单 

<% if @user == current_user %>
<i class="icon-info-sign"> </i><i>Após alterar seus dados, você terá de fazer login novamente</i>
<% end %>

<%= form_for(@user, :html => { :class => "well form-horizontal"}) do |f| %>
  <% if @user.errors.any? %>
    <div class="alert alert-error">
      <h2><%= pluralize(@user.errors.count, "erro") %> 
        <% if @user.errors.count == 1 %> impede 
          <% else %>
            impedem
        <% end %>
      a continuação:</h2>

      <ul>
      <% @user.errors.full_messages.each do |msg| %>
        <li><%= msg %></li>
      <% end %>
      </ul>
    </div>
  <% end %>


<label>Nome</label><%= f.text_field :nome %>
<label>E-mail</label><%= f.email_field :email %>

<% if @user == current_user or @user.created_at == nil%>
  <label>Senha</label><%= f.password_field :password %>
<% end %>

<div>
<br />
<button class="btn" type="submit">
    Salvar alterações
</button>

</div>

<% end %>

用户控制器的一部分 

before_filter :authenticate_user!
  def index
    @users = User.all

    respond_to do |format|
      format.html # index.html.erb
      format.json { render json: @users }
    end
  end

  # GET /users/1
  # GET /users/1.json
  def show
    @user = User.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.json { render json: @user }
    end
  end

  # GET /users/new
  # GET /users/new.json
  def new
    @user = User.new

    respond_to do |format|
      format.html # new.html.erb
      format.json { render json: @user }
    end
  end

  # GET /users/1/edit
  def edit
    @user = User.find(params[:id])
  end

  # POST /users
  # POST /users.json
  def create
    @user = User.new(params[:user])

    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render action: "new" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # PUT /users/1
  # PUT /users/1.json
  def update
    @user = User.find(params[:id])

    respond_to do |format|
      if @user.update_attributes(params[:user])
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: "edit" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

应用控制器

class ApplicationController < ActionController::Base
  protect_from_forgery

  def after_sign_in_path_for(resource)
        return request.env['omniauth.origin'] || stored_location_for(resource) || painel_path
    end
end

部分路线

App::Application.routes.draw 做

  resources :acampantes

  devise_for :users, :skip => [:registrations]

  resources :profiles

  resources :eventos do
    resources :acampantes
  end  

  # aqui tem um has_many, mas não precisa de nested routes
  resources :noticias
  resources :users#, :as => "usuarios"
4

1 回答 1

1

理想的方法是覆盖(如此registrations_controller.rb所示)并跳过对and操作的 before_filter 检查。我试着自己做,但不幸的是,我做错了。newcreate

另一种对我有用的方法是在 Devise 提供的 Registrations 控制器之外创建一个单独的 User 控制器:

class UsersController < ApplicationController
  before_filter :authenticate_user!

  def new
    @user = User.new
  end

  def create
    @user = User.new(params[:user])
    if @user.save
      flash[:success] = "User saved"
      redirect_to @user
    else
      render 'new'
    end
  end
end

# routes.rb
ApplicationName::Application.routes.draw do
  devise_for :users
  resources :users, :only => [:new, :create]
end

然后为新动作制作一个表格:

# app/views/users/new.html.erb
<%= form_for(@user) do |f| %>

  <div><%= f.label :email %><br />
  <%= f.email_field :email %></div>

  <div><%= f.label :password %><br />
  <%= f.password_field :password %></div>

  <div><%= f.label :password_confirmation %><br />
  <%= f.password_field :password_confirmation %></div>

  <div><%= f.submit "Sign up" %></div>
<% end %>

这种方法的问题在于,Devise 提供的用于注册的路由仍然存在。一个解决方案是阻止 Devise 生成涉及注册的路由:

# routes.rb
devise_for :users, :skip => [:registrations]

这意味着您将完全忽略注册模块并自己制作。我从Bare-bone, stripped-down Devise 教程中得到了这个想法。请注意,您应该制作控制器操作和视图来替换 Devise 的注册模块提供的操作和视图。这包括neweditcreateupdatedestroy

于 2012-04-25T04:24:32.507 回答