Allowing admins to add users with Devise

Question

I\'m trying to make it so only admins can add uses with devise. I\'ve gotten it mostly working however now when I\'m logged in as an admin and submit the sign up form it kic

Answer 1

You'll want to implement your own create method on EditorsController instead of inheriting that action from Devise::RegistrationsController. As you're seeing, the method in Devise::RegistrationsController will first check to see if you're already logged in and kick you back if you are. If you're not logged in it will create a User account and then log you in as that user.

You're trying to get around that problem with skip_before_filter :require_no_authentication, but it's likely that your form is POSTing to /editors instead of /admin/editors. So, you'll need to add a route that allows you to get to create on the EditorsController :

as :admin do
  post 'admin/editors' => 'editors#create'
  # your other :admin routes here
end

Then you'd want to implement a scaled down version of create. You probably want something kind of like this :

class EditorsController < Devise::RegistrationsController
  def create
    build_resource(sign_up_params)
    if resource.save
      redirect_to admin_editors_path
    else
      clean_up_passwords resource
      respond_with resource
    end
  end

  # your other methods here
end

You'll also want to make sure that the admin/editors/new template is pointing the form to the correct route ('admin/editors').