devise

问题 I'm building multi-tenant application. All data isolation is done by TenantID column in each table. What is the best way to automatically handle multi-tenancy for all tenant models. Example: Contacts.new({.....}) should automatically add :tenant => curret_user.tenant Contacts.where({....}) should also add :tenant => curret_user.tenant Currently I see something like this in CanCan gem which that can fetch records for specific user parameters. But it is not providing anything for insert and

问题 This happened when I added an attr_accessible to my Relationship model. class Relationship < ActiveRecord::Base attr_accessible :followed_id end Without using Devise or a protected_attributes gem, what is the way around this? I know that in controllers you call a private method requiring and permitting fields. Is this something you should do in the model too? What is the convention here? Thanks! 回答1: In Rails 4 you use Strong Parameters instead of Protected Attributes. (You don't need to

问题 How to add a callback to create an account for the registered user. Devise files (registrations_controller.rb) are under controllers/devise My user model has has_many :accounts relationship (and the account model has belongs_to :user) First I don't know where to add the callback (what file?) Then, how to automatically create a new account with the right user_id of the registered user? Thanks in advance. 回答1: You can override devise's registration controller, add callback to create account

问题 When I run rails s : /Users/galli01anthony/.rvm/gems/ruby-2.1.3/gems/devise-3.2.4/lib/devise/rails/routes.rb:455:in `ensure in with_devise_exclusive_scope': undefined method `merge!' for #<ActionDispatch::Routing::Mapper::Scope:0x007f8743e19020> (NoMethodError) When I run rake db:reset or db:migrate or db:setup : rake aborted! NoMethodError: undefined method `merge!' for #<ActionDispatch::Routing::Mapper::Scope:0x007fca8d3f2780> 回答1: It seems like the issue was fixed with this PR https:/

问题 I've looking for a way to allow users to change their settings (User model) without having to change their password (they still have to enter their current password). Devise out of the box seems to allow this, but when you remove the validatable module and setup custom validations, it seems you need to work around a bit. I have setup the following validation in my user model : validates :password, length: { in: 6..128 } When signing up, user is required to specify his password (which is what

问题 This question already has answers here : Rails Devise I18n Flash Messages with Twitter Bootstrap (6 answers) Closed 6 years ago . I am using Rails 4, Twitter Bootstrap 3.0, and Devise 3.0. I am trying to get identical looking flash messages for devise and the rest of my site. So far I have this: Within "app/views/layouts/application.html.erb" : <%= render 'layouts/messages' %> "app/views/layouts/_messages.html.erb" : <% devise_flash %> <% flash.each do |key, value| %> <div class="alert alert-

问题 I'm trying to write a request test that asserts that the proper links appear on the application layout depending in whether a user is logged in or out. FWIW, I'm using Devise for the authentication piece. Here's my spec: require 'spec_helper' require 'devise/test_helpers' describe "Layout Links" do context "the home page" do context "session controls" do context "for an authenticated user" do before do # I know these should all operate in isolation, but I # want to make sure the user is

问题 In Devise Validatable module contains validates_uniqueness_of :email, :allow_blank => true, :if => :email_changed? How to disable this validator? 回答1: Per Devise's own documentation on the Validatable module... Validatable creates all needed validations for a user email and password. It's optional, given you may want to create the validations by yourself. Automatically validate if the email is present, unique and its format is valid. Also tests presence of password, confirmation and length.

问题 I've been reading about adding Honey pot fields to my forms for combating bots/spam. Only problem is theirs no guides or anything on where to start. Many sites say to make a field that is hidden that only the spam bot would fill out. But as I'm new to this, don't know where I would start in my application. Could anyone give me the advice on how to set this up? I am trying to make my Devise registration page use honey pot fields. 回答1: The basic idea behind honeypot captchas is that you have a

问题 devise_for creates routes including a DELETE route, which we want to remove, and devise_for doesn't support an :except or :only option. How can I remove a route from Rails.application.routes ? Either in the draw block, or afterward? Here are details of a bug, which was the reason we needed to remove the route. we were issuing a DELETE request to a custom UJS controller action in the controller action we were removing what we wanted to, then doing a 302 redirect. This was a bad idea, and we