Creating an admin user in Devise on Rails beta 3

Question

Ok, I\'m probably going to feel quite dumb when someone answers this one with a simple thing that I\'m missing but... here goes:

I\'ve got a brand new app on rails 3

Answer 1

What you are really trying to do is create seed data. A more standard way to do this would be to add your seed users (and roles, if you are storing them) to db/seeds.rb

For exmaple in db/seeds.rb:

roles = Role.create([{name: 'super_admin'}, {name: 'staff'}, {name:'customer'}])
users = User.create([{email: 'super@test.com', first_name: 'super', last_name: 'admin', password: '@dmin123', password_confirmation: '@dmin123', role: roles[0]}])

Then run:

rake db:seed

Answer 2

Yup. I feel dumb.

If anyone else is having a similarly vapid moment. Just use the rails console to create the admin user:

➡ rails c
Loading development environment (Rails 3.0.0.beta3)
irb(main):001:0> admin = Admin.create! do |u|
irb(main):002:1* u.email = 'sample@sample.com'
irb(main):003:1> u.password = 'password'
irb(main):004:1> u.password_confirmation = 'password'
irb(main):005:1> end

That will do it. Now just visit your admin sign in path and sign in.

Answer 3

There is convenient way for populating tables - db/seed.rb file. Just add the script for creating users in it and run:

rake db:seed

Below you can see example of User model with email and username fields:

# Inserting default security users
users = {

    admin: {

        username: 'admin',
        email: 'admin@gmail.com',
        password: 'adminpass',
        password_confirmation: 'adminpass',
        is_admin: true
    },

    administrator: {

        username: 'administrator',
        email: 'administrator@gmail.com',
        password: 'administrator',
        password_confirmation: 'administrator',
        is_admin: true
    }
}

users.each do |user, data|

  user = User.new(data)

  unless User.where(email: user.email).exists?
    user.save!
  end
end

Note, that devise validations are applied here.

Here you can find more examples of using the seed.rb file and here is the rayn's rails cast.

Answer 4

try appending /sign_in to your admin path, whatever you set it to...mine is

http://yoursite.com/admin/sign_in?unauthenticated=true

Answer 5

@Stewart You are correct. Using an admin flag in the user model is acceptable and can still co-exist with many authorization options. Take a look at the Ability class in the cancan docs for an example of how this might look:

def initialize(user)
  if user.admin?
    can :manage, :all
  else
    can :read, :all
  end
end

Having multiple authorization models can be useful if the functionality is really different or if the requirements for authorization, such as adding subdomain to the authkeys, is different.

Another approach is to add a HABTM roles relationship to your user. Here is a nice tutorial by Tony Amoyal: http://www.tonyamoyal.com/2010/07/28/rails-authentication-with-devise-and-cancan-customizing-devise-controllers/

Answer 6

This may not apply to Devise (but I believe it will), but in general if you want to seed an admin user but don't want to store your admin password in source control, you can do something like this...

@user = User.find_by_email("admin@email.com")

unless @user
  # We are going to bypass both our assignment protection and validation
  # so we aren't storing the password in source control.
  #
  # This doesn't replace the need to change the password occasionaly, both
  # on the site and in source control.
  @user = User.create do |u|
    u.name = "Admin User"
    u.email = "admin@email.com"
    u.password_digest = "$2a$10$DUv/IUiLB34jhi3j4Z8MwwcaDlBmFe3rvcdXSzPKLzBOAMmD53UqW"
  end

  @user.save(:validate => false)

  # TODO make the user an admin
end

You can create the user locally with the password you want to find the password_digest.