Devise: Allow admins to edit other users - Rails

Question

I'm trying to allow an admin user to edit other users in Devise, but when I try to access an edit page for another user (e.g. /users/1/edit), I get the following message:

Unknown action

Could not find devise mapping for path "/users/1/edit"

The only path that seems to work is /users/edit, which shows the edit page for the current user.

In my routes file I have:

devise_for :users, :controllers  => { :registrations => 'users' }
resources :users

Any ideas? Thanks!

Answer 1

I've had to do this as well, and it's not currently built into devise. Since the answer most upvoted has a dead link, I thought I'd post my solution here.

You need to create a UsersController and built out your forms and controller on your own, but then you also need to isolate the UsersController that devise sets up. To do this, in your routes.rb file, modify your devise_for :users call to

devise_for :users, :path_prefix => 'd' # routes for devise modules on User

resources :users # custom admin-type CRUD for users

This will change all your default devise-handled routes to /d/users/... and let you have the /users/... path to let you manage users as an admin.

Devise also addresses this in their wiki.

Answer 2

Devise is great for user authentication but it does not come with built in support for managing users. So you'll have to build that yourself.

Here's an example of how to do it. The example is a few months old but it should point you in the right direction.

Answer 3

I've done what you're trying to do, and your routes look right.

You need to also create a UsersController that handles all of the CRUD actions you want to perform on users. This is separate from Devise.

When your UsersController is there, you can only allow admin users access to particular actions by redirecting (perhaps in a before filter) if the current_user is not an admin.