Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Devise authenticate_user

Tags:

ruby-on-rails

devise

help my in that question:

i have 2 models ( admin and user ) -> created with devise, and i have post_controller:

and the question arises:

if i have one model ( user.rb ) -> in my controller i put that:

before_filter :authenticate_user!, :except => [:show, :index]

but i have 2 models and i want to User have access to 'show' and 'index' action of post controller and Admin have access to all actions.

and i do something like that:

   before_filter :logged_in
.
.
.
    private
        def logged_in
          if admin_signed_in?

          else 
            authenticate_user!
          end   
        end

but i want change my string:

authenticate_user!

to something like that:

:authenticate_user!, :except => [:show, :index]
but except refers to before_filter

how can I do it ( without 'cancan' gem )

like image 960
Dmytro Vasin Avatar asked Sep 05 '12 09:09

Dmytro Vasin

People also ask

What does devise Authenticate_user do?

Devise also comes with some very useful helper functions: before_action :authenticate_user! — Add to any controller to limit access to an action unless a user is logged in.

How does devise Current_user work?

current_user works by storing id of current user in the application session. Most commonly session is stored in cookies. Whether or not the cookies survive browser restart depends on client's browser settings.

Does devise work with Rails 7?

Our out-of-the box Devise setup is now working with Rails 7. Once again, if you'd like to refer to any of the code for this setup, or use the template wholesale for a new app, the code is available on GitHub, and you may also use it as a template repo to kick off your own Rails 7 devise projects.

What is devise warden?

The devise gem is basically based on a warden gem, which gives an opportunity to build authorization direct on a Ruby Rack Stack. This gem is pretty straightforward and well documented. Warden fetches a request data and checks if the request includes valid credentials, according to a defined strategy.

1 Answers

Try using two before filters - one for admin only actions, and another for admin or user actions.

# ensure admin for other actions
before_filter :check_admin_logged_in!, :except => [:show, :index]

# ensure user or admin logged in for these actions (:only option is optional)
before_filter :check_user_logged_in!, :only => [:show, :index]

private
    def check_admin_logged_in! # admin must be logged in
        authenticate_admin!
    end
    def check_user_logged_in! # if admin is not logged in, user must be logged in
      if !admin_signed_in?
        authenticate_user!
      end   
    end
like image 106
ronalchn Avatar answered Nov 12 '22 03:11

ronalchn
Sign in to Comment

Related questions

Ruby convert IDN domain from Punycode to Unicode
Vanity, Rails 3 and Heroku
Has anyone been able to get attachment_fu to work with rails 3?
rails generate rspec:install - no such file to load --sprockets/railtie (LoadError)
Using define_method inside a Module that gets included inside a Class?
multiple belongs_to relationships between two classes in Rails
Ruby on Rails highlight current link on navigation bar?
Is there a way to know if a page request came from the same application?
rails routing nested resources
I can't run bundler, keep getting error
RoR -- NoMethodError: private method `open' called for Gem::Package:Class
Rails - Add attributes not in model and update model attribute
What's a good way to require a whole directory tree in Rails?
Rails scope testing for nil
List of RSpec's generators
How to handle massive storage of records in database for user authorization purposes?
How to make the validation that only accepts lower case 'a-z' and number '0-9'
uninitialized constant devise::controllers::internalhelpers
Give custom messages in page_entries_info of will_paginate in rails
Paperclip Errno::EACCES (Permission denied - /system)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!