Rails, Devise - Admin trying to edit another user profile, own profile loaded instead

Question

Being fairly new in developing with Rails, I'm trying to get my head around the following: I'm working with a Devise + Cancan + olify app to try and create authentication and user management. I've the general user behaviour sorted and I'm trying to achieve for an admin user to be able to edit another user profile.

At the moment, the admin user is able to list users and try to edit other user's profile. However, when going on the edit page, despite the URL/route being correct to me, I'm still being presented with the "currentuser"/admin information in the form.

So in short, the scenario: UserId1 is an admin UserId1 is trying to edit the profile of UserId2

Logged as UserId1, the following route bring details for UserId1 instead of UserId2: http://localhost:3000/d/users/edit.2

Here is the routes.rb:

devise_for :users, :path_prefix => 'd', :controllers => { :registrations => 'registrations' }

namespace :admin do
  get '', to: 'dashboard#index', as: '/'
  resources :users
end

Here is the users#index view:

<table>
  <tbody>
    <% @users.each do |user| %>
      <tr>
        <td><%= user.id %></td>
        <td><%= user.first_name %></td>
        <td><%= user.last_name %></td>
        <td><%= user.email %></td>
        <td>
          <%= link_to edit_user_registration_path(user) %>
        </td>
        <td>
          <%= link_to registration_path(user),class: "red", :data => { :confirm => "Are you sure?" }, :method => :delete %>
        </td>
      </tr>
    <% end %>
  </tbody>
</table>

Here is the users_controller.rb:

class Admin::UsersController < ApplicationController
  def index
    @users = User.all
  end
end

Any help is appreciated!

Edit 1

rake routes gives me the following:

    Prefix Verb               URI Pattern                         Controller#Action
new_user_session          GET    /d/users/sign_in(.:format)          devise/sessions#new
user_session              POST   /d/users/sign_in(.:format)          devise/sessions#create
destroy_user_session      DELETE /d/users/sign_out(.:format)         devise/sessions#destroy
user_password             POST   /d/users/password(.:format)         devise/passwords#create
new_user_password         GET    /d/users/password/new(.:format)     devise/passwords#new
edit_user_password        GET    /d/users/password/edit(.:format)    devise/passwords#edit
                          PATCH  /d/users/password(.:format)         devise/passwords#update
                          PUT    /d/users/password(.:format)         devise/passwords#update
cancel_user_registration  GET    /d/users/cancel(.:format)           registrations#cancel
user_registration         POST   /d/users(.:format)                  registrations#create
new_user_registration     GET    /d/users/sign_up(.:format)          registrations#new
edit_user_registration    GET    /d/users/edit(.:format)             registrations#edit
                          PATCH  /d/users(.:format)                  registrations#update
                          PUT    /d/users(.:format)                  registrations#update
                          DELETE /d/users(.:format)                  registrations#destroy
user_confirmation         POST   /d/users/confirmation(.:format)     devise/confirmations#create
new_user_confirmation     GET    /d/users/confirmation/new(.:format) devise/confirmations#new
                          GET    /d/users/confirmation(.:format)     devise/confirmations#show
user_unlock               POST   /d/users/unlock(.:format)           devise/unlocks#create
new_user_unlock           GET    /d/users/unlock/new(.:format)       devise/unlocks#new
                          GET    /d/users/unlock(.:format)           devise/unlocks#show
root                      GET    /                                   pages#home
about                     GET    /about(.:format)                    pages#about
admin                     GET    /admin(.:format)                    admin/dashboard#index
admin_users               GET    /admin/users(.:format)              admin/users#index
                          POST   /admin/users(.:format)              admin/users#create
new_admin_user            GET    /admin/users/new(.:format)          admin/users#new
edit_admin_user           GET    /admin/users/:id/edit(.:format)     admin/users#edit
admin_user                GET    /admin/users/:id(.:format)          admin/users#show
                          PATCH  /admin/users/:id(.:format)          admin/users#update
                          PUT    /admin/users/:id(.:format)          admin/users#update
                          DELETE /admin/users/:id(.:format)          admin/users#destroy

I had the same problem. Here's my solution [here](https://stackoverflow.com/a/46314384/5551783) — dgreen22, Sep 20 '17 at 06:15

score 1 · Answer 1 · answered Mar 14 '14 at 02:35

1

You problem stems from the fact that the route should end with edit/2 instead of edit.2. The .2 makes Rails think that you are trying to access a page with a file extension of 2 instead of the user edit page for the user with an id of 2.

Try running rake routes and check to see what routes are listed there and if any of them match the route you are trying to use.

answered Mar 14 '14 at 02:35

jvperrin

3,368
1
23
33

I've added the rake routes result - it all seems fine to me here. edit/2 gives me a "No route match error". Also, edit.1 for UserId1 works fine – Neiluj Mar 14 '14 at 02:56
@Neiluj It works fine for User Id 1 because the user edit path always uses the current user (Which is user 1 in your case). It seems that you might need to create your own route as stated [here](http://stackoverflow.com/questions/8618470/rails-3-devise-user-registration-edit-path-not-working). Also, as a side question, what are the admin user routes for and can you edit any user through those routes? – jvperrin Mar 14 '14 at 03:17
admin is just a namespace for user admin/console. The user routes inside admin correspond to routes generated with the scaffold Users resource, used to liste all users in the within the admin namespace. Hopefully this makes sense. – Neiluj Mar 14 '14 at 03:46

score 1 · Accepted Answer · answered Mar 14 '14 at 06:45

1

<%= link_to edit_user_registration_path(user) %>

Is still pointing to your devise route, it should be:

<%= link_to edit_admin_user_path(user) %>

Which is described in rake routes.

answered Mar 14 '14 at 06:45

rails4guides.com

1,441
2
11
8

I tried that, coupled with a `redirect_to edit_user_registration_path(user)` in the CRUD/edit of the Users_controller, but without any success. – Neiluj Mar 14 '14 at 16:48
Thanks for this - My error was coming from trying to use Devise CRUD with a different resource, hence not working properly. I have now created CRUD action in the related admin:user controller and it got me further. – Neiluj Mar 16 '14 at 00:47

Rails, Devise - Admin trying to edit another user profile, own profile loaded instead

2 Answers2

Linked