1

I created a simple directory using Rails 3.2 and devise where new users need approval before they can use the site. I followed the instructions in "How To: Require admin to activate account before sign_in" and admin users can now see lists of different index pages of approved versus non-approved users. So far so good.

My problem is the user approval process. Currently I approve users in the Rails console. I'd like for admin users to be able to approve users through their browser. I'm at a loss. I know I need to put "approve" and "don't approve" links next to each unapproved user but then what?

In the abstract I know that clicking those links should activate a method in the User model or controller and then redirect with flash but I've strayed beyond what I know from my beginner tutorials.

I'm not sure what to put in my views and routes. Do I need a special hidden form that only changes 'approved' from false to true when when the "approve" submit button is clicked and the button is the only visible element?

If anyone can get me started in the right direction I can probably figure it out from there.

the Tin Man
  • 158,662
  • 42
  • 215
  • 303
BenU
  • 2,287
  • 1
  • 22
  • 35
  • Can you edit users? Or did you just set up the index? Do you know how to set up a basic CRUD interface in rails? – phillyslick Mar 11 '13 at 00:30
  • Users can edit their own profiles. The CRUD the 7 basic controller actions are pretty strait forward to me. Here I just want an admin to be able to change one attribute by clicking a link. Admin can already delete unwanted users. – BenU Mar 11 '13 at 00:36
  • Okay cool. Then you just need to add a checkbox field in the edit form for the user that sets user.approved to true. – phillyslick Mar 11 '13 at 00:53
  • Hmmmm.... You've gotten me started. I put a little form for each user on the admin's unapproved user index. Now I just need to change the User controller update method so that admins bypass the authentication I currently have there. Thanks, @BenPolinsky – BenU Mar 11 '13 at 01:57
  • No problem - hope it works out – phillyslick Mar 11 '13 at 02:29
  • This will definitely work but I'm now having trouble with Devise. There's info [here](http://zyphdesignco.com/blog/manage-users-with-devise-and-cancan) and [here](https://github.com/plataformatec/devise/wiki/How-To:-Manage-users-through-a-CRUD-interface) that seem to be what I need but I can't get it to work yet. I'll try tomorrow. – BenU Mar 11 '13 at 03:01
  • 2
    I hope this suggestion is too late but take a look at how the usual destroy action is done in rails. This way the admin user does not have to click edit to change one single value. Instead of delete, you can insert an "approve button" which changes the value of the field. – Hass Mar 11 '13 at 03:17
  • Actually, I wasn't able to get the form solution to work because of Devise's authentication before_filter on PUT. Taking @sas1ni69's advice and the info at this [SO answer on using link_to with a PUT method](http://stackoverflow.com/questions/9305753/ruby-on-rails-link-to-with-put-method) I was able to get this to work. I'll type up a more complete answer in a bit. Thanks, sas1ni69! – BenU Mar 11 '13 at 19:07

1 Answers1

1

@sas1ni69's comment lead me to Ruby on Rails link_to With put Method which allowed me to find a solution.

To my view I added:

<%= link_to "approve", approve_user_path(user.id)  %>

To my routes I added:

match 'users/:id/approve'=> 'users#approve_user', as: 'approve_user'

To my user controller I added:

def approve_user
  user = User.find(params[:id])
  user.approved = true
  if user.save
    flash[:notice] = "#{user.full_name} approved"
  else
    flash[:alert] = "#{user.full_name} approval failure"
  end
  redirect_to :back
end

Seems to be working like a charm! Thanks everybody!

Community
  • 1
  • 1
BenU
  • 2,287
  • 1
  • 22
  • 35