Rails 3 - Can Active_admin use an existing user model?

Can Active Admin use my current Devise user model? It already has a column named admin, and if it's true, I'd like to bypass the Active admin login, when going to /admin.

Is this possible?

Current routes:

#Active admin
ActiveAdmin.routes(self)

#Devise
devise_for :admin_users, ActiveAdmin::Devise.config
devise_for :users, :path => "account"

The rest is basically standard Devise + Active admin


Solution 1:

Yes you can do that, when running the generator skip the user model creation:

rails generate active_admin:install --skip-users

Then in your config/initializers/active_admin.rb :

# == User Authentication
#
# Active Admin will automatically call an authentication
# method in a before filter of all controller actions to
# ensure that there is a currently logged in admin user.
#
# This setting changes the method which Active Admin calls
# within the controller.
config.authentication_method = :authenticate_admin!

uncomment config.authentication_method and provide your authentication method for your admin, for example:

# app/controllers/application_controller.rb
def authenticate_admin!
 redirect_to new_user_session_path unless current_user.is_admin?
end

Restart your server and It should be working. Also Take a look to Active Admin Configuration

Hope this helps.

Solution 2:

As stated earlier, you will need to update your config/initializers/active_admin.rb to reflect the correct auth method.

Additionally, however, you will want to update the following settings as well:

# This setting changes the method which Active Admin calls
# to return the currently logged in user.
config.current_user_method = :current_admin_user

to

config.current_user_method = :current_user

and

# This setting changes the path where the link points to. If it's
# a string, the strings is used as the path. If it's a Symbol, we
# will call the method to return the path.
#
# Default:
config.logout_link_path = :destroy_admin_user_session_path

to

config.logout_link_path = :destroy_user_session_path

Of course, you don't HAVE to update these (or the method mentioned in the post), and just over-ride the methods elsewhere, but this seems to be the easiest / cleanest approach. You will obviously need to substitute "user" in each setting (current_USER) with the name of the model using devise authentication.

I would also recommend updating the following setting as well while you are in there:

# This setting changes the http method used when rendering the
# link. For example :get, :delete, :put, etc..
#
# Default:
config.logout_link_method = :get

to

config.logout_link_method = :delete

This last change is required if the default HTTP method used by your devise config is set to :delete, which it is unless you changed it. It matters that they are now synced because if you follow these instructions, you will be using destroy_user_session_path which is a path already defined by devise. Otherwise you will get a message stating that [GET] /users/sign_out route does not exist.

Solution 3:

Here's the process if you have already installed ActiveAdmin with default settings, and you want to authenticate users with User.is_admin field on your existing model, and remove admin_user table:

Rollback admin_user migrations (if you didn't use --skip-users when installing Active Admin):

rake db:migrate:down VERSION=20141205110842 # create_active_admin_comments.rb
rake db:migrate:down VERSION=20141205110831 # add_devise_to_admin_users.rb
rake db:migrate:down VERSION=20141205110820 # devise_create_admin_users.rb

Then remove those 3 files.

In routing, remove the line devise_for :admin_users, ActiveAdmin::Devise.config

In application_controller.rb, add:

def authenticate_admin!
  if current_user && current_user.is_admin
    # fine
  else
    redirect_to new_user_session_path
  end
end

In active_admin.rb:

config.authentication_method = :authenticate_admin!
config.current_user_method = :current_user
config.logout_link_path = :destroy_user_session_path
config.allow_comments = false
config.logout_link_method = :get # couldn't get active_admin to sign out via :delete. So I configure devise to sign out via :get.

To configure devise to sign out via :get, add in devise.rb:

config.sign_out_via = :get
# And for every occurrence of destroy_user_session_path, remove the option method: delete.

Create is_admin migration:

rails g migration add_is_admin_to_user is_admin:boolean

Edit the migration like so:

class AddIsAdminToUser < ActiveRecord::Migration
  def change
    add_column :users, :is_admin, :boolean, default: false
  end
end

And migrate:

rake db:migrate

If in rails 4, don't forget to add is_admin in permit_params. In app/admin/user.rb:

permit_params ....., :is_admin

Add rights to admin users, in a console:

u = User.find(42); u.is_admin = true; u.save

Enjoy

Solution 4:

All of what everyone else has said as well as in conjunction with the guide laid out at http://dan.doezema.com/2012/02/how-to-implement-a-single-user-model-with-rails-activeadmin-and-devise/

that adds some additional bits on information if you are choosing to revert back to the option to have a single user model when you have already implemented an admin_user model (ie right now you have a 'user' as well as an 'admin_user' model).

The additional steps included

remove devise_for :admin_users, ActiveAdmin::Devise.config from routes.rb copy code from app/admin/admin_user.rb to app/admin/user.rb (only use what is required) delete app/admin/admin_user.rb (or you will get an Uninitialized constant error on AdminUser) like this guy had (and me as well).