0

I have two Devise models: User and Vendor. I don't want Vendors signing up themselves, so Admin users (controlled by boolean field on users table) should be able to create new Vendors while signed in. Currently when I try this while signed_in, I can't access the vendors_sign_up_path. I get this error from the server:

Filter chain halted as :require_no_authentication rendered or redirected

So apparently to access this page you can't be authenticated? Seems to make sense for most situations, but how can I override this? I've created a custom devise vendors/registrations controller like so to prevent auto-sign-in after sign-up (according to this) :

class Vendors::RegistrationsController < Devise::RegistrationsController

def create
    super
end


protected

def sign_up(resource_name, resource)
    true
end

end

It seems like I need to override something else in the registrations controller to get this done? Any help is much appreciated, thanks in advance!

Community
  • 1
  • 1
settheline
  • 3,333
  • 8
  • 33
  • 65
  • Why not just create a vendors/new page/action and create vendors through a regular form? You could even reuse the Devise form... – omarvelous Nov 22 '13 at 22:04
  • Ah that's a good idea I think. Will doing so include all of Devise's modules? I'll give it a try and let you know. – settheline Nov 24 '13 at 02:21

1 Answers1

0

Do you have something like this in your routes? 

resources :admins do
  resources :vendors
end
devise_scope :vendor do
  root to: "devise/sessions#new"
end

Anyway, my advise would be to use roles here:

#user.rb
class User < ActiveRecord::Base
  has_many :assignments
  has_many :roles, :through => :assignments
  def has_role?(role_sym)
    roles.any? { |r| r.name.underscore.to_sym == role_sym }
  end
end


#role.rb
class Role < ActiveRecord::Base
  attr_accessible :name
  has_many :assignments
  has_many :users, :through => :assignments  
end

#assignment.rb
class Assignment < ActiveRecord::Base
  attr_accessible :user_id
  belongs_to :user
  belongs_to :role
end

This way vendors can be registered as users and an admin should be able to change the role as vendor later.

CV-Gate
  • 1,162
  • 1
  • 10
  • 19
  • Hmmm...I have `Vendor` and `User` as different models for some important relational reasons, plus they have very few attributes in common. I don't really want to lump them into one User class, as the complexity of the relationships will only grow in the future. I don't have that `routes` code block. What exactly does that do? – settheline Nov 24 '13 at 02:29
  • First route gives the ability to admins to create vendors. Second route creates a Devise sign in path for vendors. – CV-Gate Nov 24 '13 at 08:48