Authenticate using Devise and Rails Admin for particular routes

旧街凉风 提交于 2019-12-06 02:25:53

问题


I use Rails Admin and Devise for admin and user model. I have added one column "admin" to the user model to indicate its identity.

In the config/routes.rb, I mount /admin for RailsAdmin:Engine

I want to only allow current_user.admin users to access /admin, otherwise, redirect user to home page.

How can I implement this in the cleanest code?


回答1:


on your admin controllers:

class MyAdminController < ApplicationController
  before_filter :authenticate_user!
  before_filter :require_admin
end

on your application controller:

class ApplicationController < ActionController::Base


  def require_admin
    unless current_user && current_user.role == 'admin'
      flash[:error] = "You are not an admin"
      redirect_to root_path
    end        
  end
end

Sorry, didn't notice it was with rails admin, you can do:

# in config/initializer/rails_admin.rb

RailsAdmin.config do |config|
  config.authorize_with do |controller|
    unless current_user.try(:admin?)
      flash[:error] = "You are not an admin"
      redirect_to main_app.root_path
    end
  end
end


来源:https://stackoverflow.com/questions/15198677/authenticate-using-devise-and-rails-admin-for-particular-routes

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!