I am using Devise + CanCan + Rolify in my app as the authorization and authentication solution.

The admin is doing all the user access management from their dashboard in my app. So I'm trying to access all the Devise view links from within my "admin_dashboard.index.html" file.

I've created a User controller in this app.

Here is the admin_dashboard_index.html.erb file:

<table id="users_index_table">
  <tr>
    <th>id</th>
    <th>user name</th>
    <th>user email</th>
    <th>user role</th>
    <th>reset password</th>
    <th></th>
    <th></th>
    <th></th>
  </tr>
  <% @users.each do |user| %>
  <tr>
    <td><%= user.name %></td>
    <td><%= user.email %></td>
    <td><%= user.roles %></td>
    <td><%= link_to 'reset password', edit_user_password_path %></td>
    <td><%= link_to  %></td>
    <td><%= link_to 'Show', user %></td>
    <td><%= link_to 'Edit', edit_user_path(user) %></td>
    <td><%= link_to 'Destroy', user, confirm: 'Are you sure?', method: :delete %></td>
  </tr>
  <% end %>
</table>
<%= link_to 'New User', new_user_registration_path %>

Now the problem is that when I click on these "user" links, all work except for the "new_user_registration_path". When I click this, it leads me to the home page of the app and the Rails server shows this trace:

Started GET "/users/sign_up" for 127.0.0.1 at 2012-06-16 18:24:49 -0700
Processing by Devise::RegistrationsController#new as HTML
User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 1 LIMIT 1
Redirected to http://localhost:3000/
Filter chain halted as :require_no_authentication rendered or redirected
Completed 302 Found in 2ms (ActiveRecord: 0.5ms)

How can I get the new user link and the "edit_user_password_path" to work and route me to the appropriate fields as opposed to the home page?

Thanks

banditKing

2 Answers

Based on the server output, it looks like there is a filter that will not allow you to create a new user while you are already logged in (:require_no_authentication). After looking into how Devise is set up, they do have a before filter on their registrations controller that requires an unauthenticated session in order to create a new user registration.

prepend_before_filter :require_no_authentication, :only => [ :new, :create, :cancel ] 

If your user controller is inheriting from Devise::RegistrationsController then you can either skip the filter altogether:

skip_before_filter :require_no_authentication, :only => [:new, :create]

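Or you can write your own :require_no_authentication method to check if the logged-in user is the admin or just a regular user. You could put this method at the bottom of your user controller:

protected

# Let a signed-in admin through to new/create; everyone else, including
# signed-out visitors (current_user is nil), gets Devise's default check.
def require_no_authentication
    if current_user && current_user.is_admin?
        return true
    else
        return super
    end
end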

If your controller is not inheriting from Devise::RegistrationsController then you would need to specify your custom controller when setting up your routes.

devise_for :users, :controllers => { :registrations => "my/controller" }

And then obviously implement your own 'new' method.

I found a few existing Stack Overflow questions that also relate to this issue:

rails:3 Devise signup Filter chain halted as :require_no_authentication rendered or redirected

Setup devise with custom registration controller

awbergs

I override the registrations controller and comment out the sign_up line, for when I create a user while another user is already logged in:

class RegistrationsController < Devise::RegistrationsController
  # Allow new/create while somebody is already signed in.
  skip_before_filter :require_no_authentication

  def create
    build_resource

    if resource.save
      if resource.active_for_authentication?
        set_flash_message :notice, :signed_up if is_navigational_format?
        # Left commented out so the new account is not signed in,
        # which keeps the current user's session in place.
        # sign_up(resource_name, resource)
        respond_with resource, :location => after_sign_up_path_for(resource)
      else
        set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
        expire_session_data_after_sign_in!
        respond_with resource, :location => after_inactive_sign_up_path_for(resource)
      end
    else
      clean_up_passwords resource
      respond_with resource
    end
  end
end

and change the routes:

devise_for :users, :controllers => { :registrations => "registrations" }
Brent Worden
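
Both answers change who gets past Devise's `require_no_authentication` filter. The model below is an added example, not code from either answer or from Devise: plain Ruby with hypothetical stand-in classes (`Actor`, `StockRegistrations`, `SkippedFilter`, `AdminBypass`) that shows which kind of visitor reaches the sign-up action under the stock filter, with the filter skipped, and with the admin override.

```ruby
# Plain-Ruby model of the filter decision; runs without Rails or Devise.
# Actor, the three classes and reaches_sign_up? are hypothetical stand-ins.
Actor = Struct.new(:admin) { alias_method :is_admin?, :admin }

# Stand-in for Devise::RegistrationsController: the stock filter halts the
# request (returns false here) whenever someone is already signed in.
class StockRegistrations
  attr_reader :current_user

  def initialize(current_user)
    @current_user = current_user
  end

  def filters
    [:require_no_authentication]
  end

  def reaches_sign_up?
    filters.all? { |name| send(name) }
  end

  protected
  def require_no_authentication
    current_user.nil?
  end
end

# Models skip_before_filter :require_no_authentication.
class SkippedFilter < StockRegistrations
  def filters
    []
  end
end

# Models the overridden filter, with a nil check for signed-out visitors.
class AdminBypass < StockRegistrations
  protected
  def require_no_authentication
    (current_user && current_user.is_admin?) ? true : super
  end
end

# Constructed sample actors: signed out, regular user, admin.
ACTORS = { anonymous: nil, member: Actor.new(false), admin: Actor.new(true) }

def access_matrix
  [StockRegistrations, SkippedFilter, AdminBypass].map do |klass|
    [klass.name, ACTORS.map { |who, user| [who, klass.new(user).reaches_sign_up?] }.to_h]
  end.to_h
end
access_matrix.each { |variant, row| puts "#{variant}: #{row}" }
```

In every variant a signed-out visitor still reaches the sign-up action, and with the filter skipped so does any signed-in non-admin. Restricting user creation to admins therefore needs an authorization check (for example through CanCan) in addition to the filter change.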