Skip to content

Instantly share code, notes, and snippets.

@h-sakano
Last active May 24, 2019
Embed
What would you like to do?
Devise registration
<%
options = {
url: form_url
}
options[:as] = resource_name if defined?(resource_name) && resource_name.present?
%>
<%= form_for(resource, options) do |f| %>
<% if !defined?(password_only) || !password_only %>
<%= f.email_field :email %>
<% end %>
<% required = false %>
<% if resource.new_record? %>
<% required = true %>
<% end %>
<%= f.password_field :password, autocomplete: "off", required: required %>
<%= f.password_field :password_confirmation, autocomplete: "off" %>
<% if resource.persisted? && !current_user.has_role?(:admin) %>
<%= f.password_field :current_password, autocomplete: "off" %>
<% end %>
<%= f.submit %>
<% end %>
<% form_url = (request.path_info.to_s == edit_other_user_registration_path(resource)) ? other_user_registration_path(resource): user_registration_path %>
<%= render 'shared/users/form', resource: resource, resource_name: resource_name, form_url: form_url %>
# frozen_string_literal: true
class Users::RegistrationsController < Devise::RegistrationsController
prepend_before_action :require_no_authentication, only: [:cancel]
prepend_before_action :authenticate_scope!, only: [:update, :destroy]
prepend_before_action :set_minimum_password_length, only: [:new, :edit]
before_action :configure_sign_up_params, only: [:create]
before_action :configure_account_update_params, only: [:update]
before_action :creatable?, only: [:new, :create]
before_action :editable?, only: [:edit, :update]
# GET /resource/sign_up
# def new
# super
# end
# POST /resource
# def create
# super
# end
# GET /resource/edit
def edit
if by_admin_user?(params)
self.resource = resource_class.to_adapter.get!(params[:id])
else
authenticate_scope!
super
end
end
# PUT /resource
def update
if by_admin_user?(params)
self.resource = resource_class.to_adapter.get!(params[:id])
else
self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
end
prev_unconfirmed_email = resource.unconfirmed_email if resource.respond_to?(:unconfirmed_email)
if by_admin_user?(params)
resource_updated = update_resource_without_password(resource, account_update_params)
else
resource_updated = update_resource(resource, account_update_params)
end
yield resource if block_given?
if resource_updated
if is_flashing_format?
flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ?
:update_needs_confirmation : :updated
set_flash_message :notice, flash_key
end
if !by_admin_user?(params)
bypass_sign_in resource, scope: resource_name
end
respond_with resource, location: after_update_path_for(resource)
else
clean_up_passwords resource
set_minimum_password_length
respond_with resource
end
end
# DELETE /resource
# def destroy
# super
# end
# GET /resource/cancel
# Forces the session data which is usually expired after sign
# in to be expired now. This is useful if the user wants to
# cancel oauth signing in/up in the middle of the process,
# removing all OAuth session data.
# def cancel
# super
# end
protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
end
# If you have extra params to permit, append them to the sanitizer.
def configure_account_update_params
devise_parameter_sanitizer.permit(:account_update, keys: [:name])
end
def by_admin_user?(params)
params[:id].present? && current_user_is_admin?
end
def current_user_is_admin?
user_signed_in? && current_user.has_role?(:admin)
end
# The path used after sign up.
def after_sign_up_path_for(resource)
if current_user_is_admin?
users_path
else
super(resource)
end
end
# The path used after update.
def after_update_path_for(resource)
if current_user_is_admin?
users_path
else
super(resource)
end
end
# The path used after sign up for inactive accounts.
# def after_inactive_sign_up_path_for(resource)
# super(resource)
# end
def sign_up(resource_name, resource)
if !current_user_is_admin?
sign_in(resource_name, resource)
end
end
def update_resource_without_password(resource, params)
resource.update_without_password(params)
end
def creatable?
raise CanCan::AccessDenied unless user_signed_in?
if !current_user_is_admin?
raise CanCan::AccessDenied
end
end
def editable?
raise CanCan::AccessDenied unless user_signed_in?
if params[:id].present? && !current_user_is_admin?
raise CanCan::AccessDenied
end
end
end
devise_for :users, :controllers => {
:registrations => 'users/registrations'
}
devise_scope :user do
get 'users/:id/edit' => 'users/registrations#edit', as: :edit_other_user_registration
match 'users/:id', to: 'users/registrations#update', via: [:patch, :put], as: :other_user_registration
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment