
I recently upgraded ActiveAdmin from v.0.5.1 to v.0.6.2. I ran the generator to upgrade my configuration and merged the settings with the existing files.

rails generate active_admin:install User

The ActiveAdmin interface seems to be working. But I can no longer successfully run specs which worked before. I receive an ActionController::RoutingError:

Failure/Error: visit '/users/sign_out'
ActionController::RoutingError:
  No route matches [GET] "/users/sign_out"

The following spec acts as an example to discuss the failure behavior:

# spec/features/users/active_admin_spec.rb
require 'spec_helper'

describe 'Active Admin' do

  before(:all) do
    I18n.locale = :en
  end

  it "rejects a regular user" do
    @user = create(:user)

    visit '/users/sign_out'
    visit '/users/sign_in'
    fill_in I18n.t('devise.sessions.new.email'), with: @user.email
    fill_in I18n.t('devise.sessions.new.password'), with: @user.password
    click_button I18n.t('devise.sessions.new.sign_in')

    visit "/admin"
    expect(page).not_to have_content "Dashboard"
    expect(page).to have_content "Unauthorized Access!"
  end

end

...

# config/routes.rb
MyApp::Application.routes.draw do

  namespace :api, defaults: {format: :json} do
    namespace :v1 do
      resources :sessions, only: [:create, :destroy]
      resources :users, only: [:create]
    end
  end

  # Configuration when using ActiveAdmin v.0.5.1
  # devise_for :users, controllers: { sessions: "sessions" }

  config = ActiveAdmin::Devise.config
  config[:controllers][:sessions] = "sessions"
  devise_for :users, config

  ActiveAdmin.routes(self)

  root :to => "home#index"    
end

This is the relevant part of rake routes before upgrading:

           new_user_session GET    /users/sign_in(.:format)               sessions#new
               user_session POST   /users/sign_in(.:format)               sessions#create
       destroy_user_session DELETE /users/sign_out(.:format)              sessions#destroy
              user_password POST   /users/password(.:format)              devise/passwords#create
          new_user_password GET    /users/password/new(.:format)          devise/passwords#new
         edit_user_password GET    /users/password/edit(.:format)         devise/passwords#edit
                            PUT    /users/password(.:format)              devise/passwords#update
   cancel_user_registration GET    /users/cancel(.:format)                devise/registrations#cancel
          user_registration POST   /users(.:format)                       devise/registrations#create
      new_user_registration GET    /users/sign_up(.:format)               devise/registrations#new
     edit_user_registration GET    /users/edit(.:format)                  devise/registrations#edit
                            PUT    /users(.:format)                       devise/registrations#update
                            DELETE /users(.:format)                       devise/registrations#destroy
          user_confirmation POST   /users/confirmation(.:format)          devise/confirmations#create
      new_user_confirmation GET    /users/confirmation/new(.:format)      devise/confirmations#new
                            GET    /users/confirmation(.:format)          devise/confirmations#show
                 admin_root        /admin(.:format)                       admin/dashboard#index
            admin_dashboard        /admin/dashboard(.:format)             admin/dashboard#index
   batch_action_admin_users POST   /admin/users/batch_action(.:format)    admin/users#batch_action
                admin_users GET    /admin/users(.:format)                 admin/users#index
                            POST   /admin/users(.:format)                 admin/users#create
             new_admin_user GET    /admin/users/new(.:format)             admin/users#new
            edit_admin_user GET    /admin/users/:id/edit(.:format)        admin/users#edit
                 admin_user GET    /admin/users/:id(.:format)             admin/users#show
                            PUT    /admin/users/:id(.:format)             admin/users#update
                            DELETE /admin/users/:id(.:format)             admin/users#destroy
batch_action_admin_comments POST   /admin/comments/batch_action(.:format) admin/comments#batch_action
             admin_comments GET    /admin/comments(.:format)              admin/comments#index
                            POST   /admin/comments(.:format)              admin/comments#create
              admin_comment GET    /admin/comments/:id(.:format)          admin/comments#show

This is the relevant part of rake routes after upgrading:

           new_user_session GET        /admin/login(.:format)                 sessions#new
               user_session POST       /admin/login(.:format)                 sessions#create
       destroy_user_session DELETE|GET /admin/logout(.:format)                sessions#destroy
              user_password POST       /admin/password(.:format)              active_admin/devise/passwords#create
          new_user_password GET        /admin/password/new(.:format)          active_admin/devise/passwords#new
         edit_user_password GET        /admin/password/edit(.:format)         active_admin/devise/passwords#edit
                            PUT        /admin/password(.:format)              active_admin/devise/passwords#update
   cancel_user_registration GET        /admin/cancel(.:format)                devise/registrations#cancel
          user_registration POST       /admin(.:format)                       devise/registrations#create
      new_user_registration GET        /admin/sign_up(.:format)               devise/registrations#new
     edit_user_registration GET        /admin/edit(.:format)                  devise/registrations#edit
                            PUT        /admin(.:format)                       devise/registrations#update
                            DELETE     /admin(.:format)                       devise/registrations#destroy
          user_confirmation POST       /admin/confirmation(.:format)          devise/confirmations#create
      new_user_confirmation GET        /admin/confirmation/new(.:format)      devise/confirmations#new
                            GET        /admin/confirmation(.:format)          devise/confirmations#show
                 admin_root            /admin(.:format)                       admin/dashboard#index
            admin_dashboard GET        /admin/dashboard(.:format)             admin/dashboard#index
   batch_action_admin_users POST       /admin/users/batch_action(.:format)    admin/users#batch_action
                admin_users GET        /admin/users(.:format)                 admin/users#index
                            POST       /admin/users(.:format)                 admin/users#create
             new_admin_user GET        /admin/users/new(.:format)             admin/users#new
            edit_admin_user GET        /admin/users/:id/edit(.:format)        admin/users#edit
                 admin_user GET        /admin/users/:id(.:format)             admin/users#show
                            PUT        /admin/users/:id(.:format)             admin/users#update
                            DELETE     /admin/users/:id(.:format)             admin/users#destroy
batch_action_admin_comments POST       /admin/comments/batch_action(.:format) admin/comments#batch_action
             admin_comments GET        /admin/comments(.:format)              admin/comments#index
                            POST       /admin/comments(.:format)              admin/comments#create
              admin_comment GET        /admin/comments/:id(.:format)          admin/comments#show

It seems to ignore the SessionsController.
I use Devise v.2.2.7.


Authorization bug

I just noticed that this configuration allows access to ActiveAdmin for non-admin users. So there is more to fix here. Visit /admin when signed in as a regular user to try it yourself.

Authorization bug resolved

There never was a problem with ActiveAdmin v.0.6.2. I simply busted the configuration I had set up originally. At that time I followed a tutorial on how to set up ActiveAdmin and Devise with a single user model. Basically, I accidentally replaced the following parameter:

# config/initializers/active_admin.rb
config.authentication_method = :authenticate_active_admin_user!

with this:

# config/initializers/active_admin.rb
config.authentication_method = :authenticate_user!

This configuration is generated when running rails generate active_admin:install User.


Finally, I can tell that Leger has served the correct configuration. I am happy to accept your answer since everything is working now (as far as I can tell).

JJD
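
The difference between the two authentication_method settings in the question, modelled in plain Ruby as an added example (not code from the question, ActiveAdmin or Devise). The User struct, its admin? flag, the AdminRequest class and the body of authenticate_active_admin_user! are assumptions standing in for the app's real model and controller.

```ruby
# Constructed stand-ins so the filter logic runs without Rails or Devise.
User = Struct.new(:email, :admin) do
  def admin?
    admin
  end
end

class AdminRequest
  NotSignedIn = Class.new(StandardError)
  AccessDenied = Class.new(StandardError)

  def initialize(current_user)
    @current_user = current_user
  end

  # Models the filter Devise provides for the User scope:
  # it only establishes that somebody is signed in.
  def authenticate_user!
    raise NotSignedIn unless @current_user
  end

  # Hypothetical body for the custom filter named in the question:
  # authenticate first, then require the (assumed) admin flag.
  def authenticate_active_admin_user!
    authenticate_user!
    raise AccessDenied, 'Unauthorized Access!' unless @current_user.admin?
  end

  # Runs the configured authentication_method before "rendering" /admin.
  def visit_admin(authentication_method)
    public_send(authentication_method)
    'Dashboard'
  rescue NotSignedIn
    'redirect to sign in'
  rescue AccessDenied => e
    e.message
  end
end

# Outcome of visiting /admin per visitor type for a given authentication_method.
def admin_access(authentication_method)
  visitors = { anonymous: nil,
               regular: User.new('user@example.test', false),
               admin: User.new('admin@example.test', true) }
  visitors.transform_values { |u| AdminRequest.new(u).visit_admin(authentication_method) }
end
```

With :authenticate_user! the regular visitor reaches the dashboard; with :authenticate_active_admin_user! the same visitor gets the "Unauthorized Access!" message that the spec in the question expects.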

2 Answers


The problem is in the order in which you define the routes. Check out the answers to this question.

In short: put devise_for before resources :users in routes.rb.

Update: to solve the routing error after moving devise_for to the top

There is a naming conflict because ActiveAdmin is used for User. The block

config = ActiveAdmin::Devise.config
config[:controllers][:sessions] = "sessions"
devise_for :users, config

defines everything related to admins with the standard devise_path_variables in the /admin/ style:

new_user_session     GET         /admin/login(.:format)    sessions#new
user_session         POST        /admin/login(.:format)    sessions#create
destroy_user_session DELETE|GET  /admin/logout(.:format)   sessions#destroy

overriding everything related to the plain user, so routes like '/users/sign_out' simply don't exist.

To fix it, you need to define routes for both the plain user and the admin user by adjusting routes.rb:

SysAdmin::Application.routes.draw do

  # define plain-user routes    
  devise_for :users, :controllers => { :sessions => "sessions" }

  # define admin-user routes    
  config = ActiveAdmin::Devise.config
  config[:controllers][:sessions] = "sessions"
  config[:as] = 'admin' # override standard_path_variable naming for admins
  devise_for :users, config

  namespace :api, defaults: {format: :json} do
    namespace :v1 do
      resources :sessions, only: [:create, :destroy]
      resources :users, only: [:create]
    end
  end

  root :to => "home#index"
  ActiveAdmin.routes(self)
end
Leger
    On limiting access for non-admins, check out http://stackoverflow.com/questions/9415884/how-to-limit-acces-to-active-admin-to-admin-users Hope it helps – Leger Oct 24 '13 at 20:03
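
A way to compare the two rake routes listings from the question mechanically, as an added example that is not part of the original posts. The helper names are hypothetical, and the embedded rows are excerpted from the "before" and "after" listings in the question.

```ruby
# Parse one row of `rake routes` output. Rows may omit the name, the verb,
# or both, as in the listings in the question.
def parse_route(line)
  tokens = line.split
  return nil if tokens.size < 2 || !tokens[-1].include?('#') || !tokens[-2].start_with?('/')
  endpoint = tokens.pop
  path = tokens.pop.sub('(.:format)', '')
  verbs = tokens.last.to_s.match?(/\A[A-Z|]+\z/) ? tokens.pop.split('|') : []
  { name: tokens.first, verbs: verbs, path: path, endpoint: endpoint }
end

def parse_routes(text)
  text.lines.map { |line| parse_route(line) }.compact
end

# Named routes that still exist but now resolve to a different path.
def moved_routes(before, after)
  new_paths = parse_routes(after).select { |r| r[:name] }.to_h { |r| [r[:name], r[:path]] }
  parse_routes(before).each_with_object({}) do |r, moved|
    new_path = new_paths[r[:name]]
    moved[r[:name]] = [r[:path], new_path] if r[:name] && new_path && new_path != r[:path]
  end
end

# Paths that were routable before and match no route afterwards.
def dropped_paths(before, after)
  (parse_routes(before).map { |r| r[:path] } - parse_routes(after).map { |r| r[:path] }).uniq
end

# Rows excerpted from the "before" and "after" listings in the question.
BEFORE = <<~ROUTES
  new_user_session     GET    /users/sign_in(.:format)  sessions#new
  user_session         POST   /users/sign_in(.:format)  sessions#create
  destroy_user_session DELETE /users/sign_out(.:format) sessions#destroy
  admin_root                  /admin(.:format)          admin/dashboard#index
ROUTES

AFTER = <<~ROUTES
  new_user_session     GET        /admin/login(.:format)  sessions#new
  user_session         POST       /admin/login(.:format)  sessions#create
  destroy_user_session DELETE|GET /admin/logout(.:format) sessions#destroy
  admin_root                      /admin(.:format)        admin/dashboard#index
ROUTES

dropped_paths(BEFORE, AFTER).each { |path| puts "no longer routable: #{path}" }
moved_routes(BEFORE, AFTER).each { |name, (old, new)| puts "#{name}: #{old} -> #{new}" }
```

Running it on the full listings shows the same pattern for every Devise route: the route names survive the upgrade, but the /users/... paths the spec visits are gone.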

Add these to your routes file:

devise_scope :admin_user do
    post '/admin/logout', :to => 'active_admin/devise/sessions#destroy'
end

Hope this will work.

Azmat Rana