Adding a devise user or admin in a Heroku app

To add a devise user on a Heroku site we combine two commands

Command 1: With devise a person can enter the following into their rails console to create a user: => "", :password => 'password', :password_confirmation => 'password')

Command 2: To run commands in the Heroku terminal, simply go into local directory of the corresponding app and type heroku run [whatever you want to run]

So if we put those together we get the following, assuming that your user model is in fact called User:

    1. Change your directory to your app: cd ~/yourapp
    2. Enter into the rails console on Heroku with the following: heroku run rails c
    3. Run the create user code: => "", :password => 'password', :password_confirmation => 'password')
    4. Then finally

Finally, if you want to do this for a separate admin model, simply replace User in the instructions above with Admin (provided of course that’s what your separate admin model is called; if not adjust accordingly).

That’s it! You should be good to go!

Adding a devise user or admin in a Heroku app

Rolling your own basic user authorizations with devise

There seems to be very little written about this in the Rails literature out there, so I thought I’d make a contribution.  There’s very much posted about using authorization management gems like CanCan (which is well and good) but for those of us creating a small basic app, such gems are overkill.  It’s also worth using a filter just to get an understanding of what’s going on if you’re new to rails (like me!)


To create a stupid-simple authorization system that makes sure that only admins and the owner of a post can edit that post.


  1. You are using the devise gem and have set it up
  2. You have created an Admin model (Option 1 in the Devise Wiki)


(It’s really short)

To only allow admins and users that own the given post edit authorization, put the following in your post controller:

before_filter :require_permission, only: [:edit, :update, :destroy]

def require_permission
if user_signed_in?
if current_user != Post.find(params[:id]).user
if !admin_signed_in?
redirect_to :root, notice: "Access Denied."
if !admin_signed_in?

(Do make your indentation better than the code above; I’m up against wordpress’s auto-correct and don’t feel like fighting with it)

Anyway, that’s it!

The explanation

So why? Let’s start with the top

  1.  We’re adding a method, called require_permission which we are defining below to the methods edit, update and destroy.  Meaning any users engaging these methods must fit the requirements outlined in require_permission
  2. Next we define require_permission and say that if the current user is NOT the user on file for the given post… proceed.
  3. Then we check if the session user is an admin or, more accurately, if the user is NOT the admin (note the exclamation point).  Because user and admin are two different models, devise has defined two different sets of very similar methods when referring to either one.  Check them out here.  It helps clarify things.
  4. Finally we add the redirect to the homepage with an ominous “ACCESS DENIED” message at the top.

So to recap, if the user is not the owner of the post AND not signed into the admin model, they get booted back to the homepage.  Otherwise, they can do whatever they want to the post.



Rolling your own basic user authorizations with devise

Managing Administrator accounts with Devise

I’ve been using the Devise gem for a couple apps in my recent exploration of Ruby on Rails.  It works pretty well and has a lot of great features but the documentation on how to best go about setting up administrators on it is a bit vague.  I would write up some notes on how to do it but  I’d basically be plagiarizing another post on the matter which really cleared things up for me.  Check it out:

Managing Administrator accounts with Devise

Setting Up Mailer Using Devise For Forgot Password

Really cleared up my confusion about sending email in both development and production environments.

Ruby on Rails Help

In this tutorial I will show you how to set up the mailer for the forgot password feature in Devise. In the tutorial I will be setting up a Gmail account and I will show you how its done using local environment variables. I will also be using Heroku and Foreman to set up environment variables.

I am using Rails 4 and Devise 3 for this tutorial.

Seting Up Development Environment

First we will set up the development mailer for use on your local machine. In “config/environments/development.rb” you should already have included

config.action_mailer.default_url_options = { :host => 'localhost:3000' }

when you installed devise.

Next you should turn on the option to raise an exception if there is an error when sending an email. You can do this by including

config.action_mailer.raise_delivery_errors = true

in the same file. Next we will add the email delivery method. You should leave the values as…

View original post 672 more words

Setting Up Mailer Using Devise For Forgot Password

How to Override and Customize the Devise Controller in Rails

Was an absolute lifesaver when I was trying to add additional registration information to my sign-up page.

How I Learned Ruby on Rails

Judging by the number of different StackOverflow questions, there are a lot of people trying to do this, and a lot of confusion. Here is how I did it, and hopefully it helps you.

I have a User and a Verifier model.  What I want to do is create a new Verifier every time I create a new user, and pass in the for the User into the verifier.user_id so that they are mapped together.

In order to do this I want to not really override but add additional functionality to the existing devise controller that handles when new users are created (and destroyed).  So I need to access the RegistrationsController#Create function in devise.

First thing is to create a new folder in the ‘app/controllers‘ folder where we can put my custom controller.  I called mine ‘app/controllers/my_devise‘.  Then create a new file in this folder…

View original post 534 more words

How to Override and Customize the Devise Controller in Rails