Databases
StackOverflow2013
Postsdbo
POHowto assign an ordinary user as superuser or admin
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHowto assign an ordinary user as superuser or admin
    text
    copied!<p>I was following the tutorial at <a href="http://www.logansbailey.com/" rel="nofollow">http://www.logansbailey.com/</a> and modified it to enable an unregistered person to be able to register with a username, email and password.<br> I already enabled a logged in user to modify his/her email and password but not the username.</p> <p>What I want to add is: </p> <p>1) to enable a logged in user to be able to see/reach his/her username and email,<br> 2) to enable a user with admin_flag set (I handled this in the sql table and created the user) to be able to see/modify all user records.</p> <p>I modifyed the app/cotrollers/user_controller.rb like this:</p> <pre><code>class UsersController &lt; ApplicationController before_filter :is_user, :only =&gt; [:index, :show, :edit, :update, :destroy] def index @users = User.all respond_to do |format| format.html # index.html.erb format.xml { render :xml =&gt; @users } end end def show @user = User.find(params[:id]) respond_to do |format| format.html # show.html.erb format.xml { render :xml =&gt; @user } end end def new @user = User.new respond_to do |format| format.html # new.html.erb format.xml { render :xml =&gt; @user } end end def edit end def create @user = User.new(params[:user]) respond_to do |format| if @user.save flash[:notice] = 'Registration successful.' format.html { redirect_to(:controller =&gt; 'home', :action =&gt; 'tutorial') } format.xml { render :xml =&gt; @user, :status =&gt; :created, :location =&gt; @user } else format.html { render :action =&gt; "new" } format.xml { render :xml =&gt; @user.errors, :status =&gt; :unprocessable_entity } end end end def update respond_to do |format| if @user.update_attributes(params[:user]) flash[:notice] = 'Your profile was successfully updated.' format.html { redirect_to(:controller =&gt; 'home', :action =&gt; 'index') } format.xml { head :ok } else format.html { render :action =&gt; "edit" } format.xml { render :xml =&gt; @user.errors, :status =&gt; :unprocessable_entity } end end end def destroy @user = User.find(params[:id]) @user.destroy respond_to do |format| format.html { redirect_to(users_url) } format.xml { head :ok } end end def is_user if User.exists?(params[:id]) @user = User.find(params[:id]); if current_user.admin_flag == true flash[:notice] = 'Welcome Admin' end if !current_user || current_user.id != @user.id flash[:notice] = 'You do not have access to that page' redirect_to(:controller =&gt; 'home', :action =&gt; 'index') end else flash[:notice] = 'You do not have access to that page' redirect_to(:controller =&gt; 'home', :action =&gt; 'index') end end end </code></pre> <p>The file app/models/user.rb is:</p> <pre><code>class User &lt; ActiveRecord::Base acts_as_authentic end </code></pre> <p>And I can confirm that the admin_flag set user is get correctly since the file app/views/layouts/application.html.erb containing:</p> <pre><code> &lt;div id="admin"&gt; &lt;% if current_user %&gt; &lt;% if current_user.admin_flag == true %&gt; | &lt;%= link_to "Users", users_path %&gt; &lt;% end %&gt; &lt;% end %&gt; &lt;/div&gt; </code></pre> <p>correctly displays the 'Users' link when I log in as the admin.</p> <p>Now the problem is that I can't get the show all users, edit other users etc.. functionality. As the admin, I can show and modify the admin user just like all the other ordinary users, meaning I can't modify the username, too.</p> <p>What may be wrong here?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload