4
votes

I am trying to restrict signups to a Devise admin. If possible, I would like to avoid using CanCan for now. I have created a separate Devise Admin model as described in option #1 here: https://github.com/plataformatec/devise/wiki/How-To:-Add-an-Admin-Role.

Next, I set up a CRUD interface for users as described here: https://github.com/plataformatec/devise/wiki/How-To:-Manage-users-through-a-CRUD-interface.

I would like to restrict new signups by using something like before_filter :authenticate_admin! in the Users controller, but for some reason it is not restricting new signups.

My routes.rb looks like this:

devise_for :admins
devise_for :users, :path_prefix => 'd'
resources :admins
resources :users, :controller => "users"

Any ideas why before_filter :authenticate_admin! is not restricting new signups?

3

3 Answers

9
votes

You can't use before_filter :authenticate_admin! in Users controller because admin and user are two different models in your app.

I don't know if I fully understand what you mean, but you can do this if you don't want to accept new registrations for User (or Admin):

# in your User(Admin) model
devise :registerable # remove :registerable

Hope this helps!

2
votes

I was looking for something similar; disabling new registrations altogether. I dug this up on a mailing list somewhere and while it solved my problem it might be a decent starting point for yours:

class RegistrationsController < Devise::RegistrationsController 
  def new
    flash[:failure] = t('registrations.registrations_disabled')
    redirect_to root_path
  end
end

Maybe something similar but add a check to see if the current_user is an admin then redirect based on that...

2
votes

I pondered about this for a while and finally came up with this.

There is a helper function for every model created by devise

class UsersController < Devise::RegistrationsController

  before_filter :authenticate_admin!

  def new
    if admin_signed_in?
      super
    else
      redirect_to admin_session_path
    end
   end

Hope this helps. It works like a charm :)