jschuur/admin__user.html.erb Secret

## admin__user.html.erb
<tr>
	<td>
		<%= user.id %>
	</td>
	<td>
		<%= user.fullname %> (<%= link_to user.username, vanity_url_path(user.username) %>)<br>
	</td>
	<td>
		<% if user.homepage %>
			<%= link_to user.homepage, user.homepage %>
		<% end %>
	</td>
	<td>
		<%= user.bio %>
	</td>
	<td>
		<%= user.created_at %><br>
		<%= user.updated_at %>
	</td>
	<td>
		<%= link_to (user.is_admin ?  "Yes" : "No"), admin_path(:user => {:id => user.id, :is_admin => !user.is_admin}), {:confirm => "Are you sure?", :method => :update} %>
	</td>
</tr>

## admin_controller.rb
class AdminController < ApplicationController
  before_filter :authenticate_user!
  before_filter :confirm_admin

  def index
      @users = User.order('created_at DESC').all
  end

  def update
    flash[:notice] = 'Update'
  end

  private

  def confirm_admin
    if !current_user.is_admin
      redirect_to root_path
    end
  end

end

## admin_index.html.erb
<% title "User List" %>

<% if @users.empty? %>
	<em>No users (how on Earth are you logged in?)</em>
<% else %>
	<table >
		<th>
			ID
		</th>
		<th>
			User
		</th>
		<th>
			Homepage
		</th>
		<th>
			Bio
		</th>
		<th>
			Create / Update date
		</th>
		<th>
			Admin
		</th>
		<%= render :partial => "user", :collection => @users %>
	</table>
<% end %>

## routes.rb
AuthApp::Application.routes.draw do

  # User authentication routes
  devise_for :users, :path_names => {:sign_up => 'register', :sign_in => 'login', :sign_out => 'logout'}

  devise_for :user do
      match '/user/sign_in/twitter' => Devise::Twitter::Rack::Signin
      match '/user/connect/twitter' => Devise::Twitter::Rack::Connect
  end

  # Routes for out controller methods
  match '/funstuff' => 'funstuff#index', :as => :funstuff
  match '/admin' => 'admin#index', :as => :site_admin

  resources :admin

  # Catch-all for vanity URLs
  match '/:username' => 'profile#show', :as => :vanity_url

  # The home page
  root :to => 'home#index'
end

## user.rb
class User < ActiveRecord::Base
  # To use devise-twitter don't forget to include the :twitter_oauth module:
  # e.g. devise :database_authenticatable, ... , :twitter_oauth

  # IMPORTANT: If you want to support sign in via twitter you MUST remove the
  #            :validatable module, otherwise the user will never be saved
  #            since it's email and password is blank.
  #            :validatable checks only email and password so it's safe to remove

  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable, :lockable and :timeoutable, :validatable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :twitter_oauth

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :username, :fullname, :is_admin, :homepage, :bio, :password, :password_confirmation, :remember_me

  def self.find_for_authentication(conditions)
    conditions = ["username = ? or email = ?", conditions[authentication_keys.first],
                                               conditions[authentication_keys.first]]
    super
  end
end
	<tr>
	<td>
	<%= user.id %>
	</td>
	<td>
	<%= user.fullname %> (<%= link_to user.username, vanity_url_path(user.username) %>)<br>
	</td>
	<td>
	<% if user.homepage %>
	<%= link_to user.homepage, user.homepage %>
	<% end %>
	</td>
	<td>
	<%= user.bio %>
	</td>
	<td>
	<%= user.created_at %><br>
	<%= user.updated_at %>
	</td>
	<td>
	<%= link_to (user.is_admin ? "Yes" : "No"), admin_path(:user => {:id => user.id, :is_admin => !user.is_admin}), {:confirm => "Are you sure?", :method => :update} %>
	</td>
	</tr>
	class AdminController < ApplicationController
	before_filter :authenticate_user!
	before_filter :confirm_admin

	def index
	@users = User.order('created_at DESC').all
	end

	def update
	flash[:notice] = 'Update'
	end

	private

	def confirm_admin
	if !current_user.is_admin
	redirect_to root_path
	end
	end

	end
	<% title "User List" %>

	<% if @users.empty? %>
	<em>No users (how on Earth are you logged in?)</em>
	<% else %>
	<table >
	<th>
	ID
	</th>
	<th>
	User
	</th>
	<th>
	Homepage
	</th>
	<th>
	Bio
	</th>
	<th>
	Create / Update date
	</th>
	<th>
	Admin
	</th>
	<%= render :partial => "user", :collection => @users %>
	</table>
	<% end %>
	AuthApp::Application.routes.draw do

	# User authentication routes
	devise_for :users, :path_names => {:sign_up => 'register', :sign_in => 'login', :sign_out => 'logout'}

	devise_for :user do
	match '/user/sign_in/twitter' => Devise::Twitter::Rack::Signin
	match '/user/connect/twitter' => Devise::Twitter::Rack::Connect
	end

	# Routes for out controller methods
	match '/funstuff' => 'funstuff#index', :as => :funstuff
	match '/admin' => 'admin#index', :as => :site_admin

	resources :admin

	# Catch-all for vanity URLs
	match '/:username' => 'profile#show', :as => :vanity_url

	# The home page
	root :to => 'home#index'
	end
	class User < ActiveRecord::Base
	# To use devise-twitter don't forget to include the :twitter_oauth module:
	# e.g. devise :database_authenticatable, ... , :twitter_oauth

	# IMPORTANT: If you want to support sign in via twitter you MUST remove the
	# :validatable module, otherwise the user will never be saved
	# since it's email and password is blank.
	# :validatable checks only email and password so it's safe to remove

	# Include default devise modules. Others available are:
	# :token_authenticatable, :confirmable, :lockable and :timeoutable, :validatable
	devise :database_authenticatable, :registerable,
	:recoverable, :rememberable, :trackable, :twitter_oauth

	# Setup accessible (or protected) attributes for your model
	attr_accessible :email, :username, :fullname, :is_admin, :homepage, :bio, :password, :password_confirmation, :remember_me

	def self.find_for_authentication(conditions)
	conditions = ["username = ? or email = ?", conditions[authentication_keys.first],
	conditions[authentication_keys.first]]
	super
	end
	end