Sorry it has been so long since my last post. I am currently completing some courses, which have taken up all my time recently.

This is a fun post for me though, because it is something that I have struggled with in the past.

In this post we are going to create an admin module and our own Devise controller.

Let’s get started.


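# Open app/models/user.rb and remove :registerable
# (without :registerable there is no public sign-up; new accounts are created by an admin, see create_user below)
devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable, :lockable, password_length: 10..70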


Now let's create an admin controller


# Go to app/controllers and create a new file called admin_controller.rb
# Open the file and add:
class AdminController < ApplicationController
  before_action :authenticate_user!
end



# Now let’s create a new dashboard folder
# Open app/controllers again and create a new folder called dashboard
# Inside of this folder create a new controller called mains_controller.rb 
# Note: You can call this file whatever you would like.
# Open this file and add:
module Dashboard
  class MainsController < AdminController # Notice, this inherits from the admin controller we just created

    def index
    end

  end
end

# Now under app/views create a new folder called dashboard
# Inside of this folder, create a new folder called mains
# Now go inside of mains and create an index file: index.html.erb
# You could add some text just like this to test that it's working:
<p>Hey, this is the main dashboard page!</p>


Now let's modify our routes file


# Open routes.rb and add:
namespace :dashboard do
  resources :mains
  root to: "mains#index" # The file we just created.
end
# You should test this out by running rails s and navigating to the dashboard
# Visit: localhost:3000/dashboard
# If you see the message we created earlier, it worked!


Now let’s create a new Devise users controller

This will allow us to have some custom actions, such as creating new users, updating our demographic information, password, and our profile image.


# Open app/controllers/dashboard and create a new file called users_controller.rb
# Open the file and add:
# Note: redirect_to :back was removed in Rails 5.1; on newer versions use redirect_back(fallback_location: ...)
module Dashboard
  class UsersController < AdminController
    before_action :authenticate_admin, only: [:index, :new, :create_user]
    before_action :set_user, only: [:show, :edit]

    def index
      @users = User.all.order("created_at DESC") # Displaying all users
      @users_with_index = User.all # This will allow us to count the number of users
    end

    def show
      @posts = current_user.posts.order("created_at DESC")
      # This will display each user's posts
    end

    def edit
    end

    def new
      # Edit the devise notice...
      # already_authenticated: "Already signed in, or not authorized."
    end

    # Creating new users
    def create_user
      # Use a local name here; assigning to current_user would shadow Devise's helper
      user = User.new(new_user_params)
      if user.save
        redirect_to dashboard_users_path, notice: 'New user successfully created'
      else
        flash[:info] = "Something is wrong, try again."
        redirect_to :back
      end
    end

    def update_profile_image
      @user = current_user
      if @user.update(user_params)
        # Sign in the user, bypassing validation, in case their password changed
        bypass_sign_in(@user)
        flash[:info] = "Your image has been saved"
        redirect_to :back
      else
        # render does not accept notice:/alert: options, so set the flash for this request
        flash.now[:notice] = "Image upload failed, please try again"
        render :edit
      end
    end

    def update_profile
      @user = current_user
      if @user.update(user_params)
        # Sign in the user, bypassing validation, in case their password changed
        bypass_sign_in(@user)
        redirect_to :back, notice: "Your changes have been saved"
      else
        flash.now[:alert] = "Try again, something went wrong"
        render :edit
      end
    end

    def update_password
      @user = current_user
      # To require the current password, use @user.update_with_password(user_params)
      # and permit :current_password. Without it, anyone with access to a
      # signed-in session can set a new password.
      if @user.update(user_params)
        # Sign in the user, bypassing validation, in case their password changed
        bypass_sign_in(@user)
        redirect_to :back, notice: "Your password has been changed"
      else
        redirect_to :back, alert: "Password update failed, try again"
      end
    end

    def destroy
      @user = current_user
      if @user.destroy
        redirect_to root_path
      end
    end

    private

    def set_user
      @user = User.friendly.find(params[:id])
    end

    # Fields a signed-in user may change on their own account.
    # :role is left out on purpose, otherwise any user could submit role=admin
    # through update_profile and promote themselves.
    def user_params
      params.require(:user).permit(:password, :password_confirmation, :email, :first_name, :last_name, :about, :img, :slug)
    end

    # Only create_user, which sits behind authenticate_admin, may set :role.
    def new_user_params
      params.require(:user).permit(:password, :password_confirmation, :email, :first_name, :last_name, :about, :role, :img, :slug)
    end

  end
end



Updating our users helper

In the users controller above, you will notice that I have added a method to authenticate admins, so regular users cannot view all users or create new users. Let’s add that now to our users helper.


# Open app/helpers/users_helper.rb
# Admins or VIPs can view all users as well as create users.
# Note: helper modules are only mixed into views, so add `include UsersHelper`
# to AdminController (or define this method there) so before_action can find it.
def authenticate_admin
  unless user_signed_in? && (current_user.admin? || current_user.vip?)
    redirect_to dashboard_mains_path, alert: "You are not authorized to view this page"
  end
end
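
Why the permit list matters alongside the admin check, as an added example that is not part of the original tutorial: `authenticate_admin` only guards `index`, `new` and `create_user`, while `update_profile` runs for any signed-in user, so whatever `user_params` permits can be set by that user on their own record. The `permit` function, the `User` struct, the field lists and the `"member"` role are plain-Ruby stand-ins (assumptions) for Rails strong parameters and the Devise model, so the block runs without Rails.

```ruby
# Plain-Ruby stand-in for params.require(:user).permit(...): keep listed keys only.
def permit(params, allowed)
  params.select { |key, _| allowed.include?(key.to_sym) }
end

# Stand-in for the Devise User model (assumption: role is a string column).
User = Struct.new(:email, :first_name, :role) do
  def admin?; role == "admin"; end
  def vip?;   role == "vip";   end

  def update(attrs)
    attrs.each { |key, value| self[key.to_sym] = value }
    true
  end
end

SHARED_FIELDS  = %i[email first_name role].freeze   # one list for every action
PROFILE_FIELDS = %i[email first_name].freeze        # self-service updates
ADMIN_FIELDS   = (PROFILE_FIELDS + %i[role]).freeze # create_user only

# Same condition as authenticate_admin in the helper.
def admin_or_vip?(user)
  !user.nil? && (user.admin? || user.vip?)
end

# update_profile: no admin filter, always acts on the caller's own record.
def update_profile(current_user, submitted, fields)
  current_user.update(permit(submitted, fields))
  current_user
end

# create_user: refused (nil) unless the caller passes the admin check.
def create_user(current_user, submitted)
  return nil unless admin_or_vip?(current_user)
  User.new.tap { |user| user.update(permit(submitted, ADMIN_FIELDS)) }
end

# Constructed form submission: a regular user adds a role field by hand.
FORGED = { "first_name" => "Sam", "role" => "admin" }.freeze

if __FILE__ == $PROGRAM_NAME
  member = User.new("sam@example.test", "Sam", "member")
  puts update_profile(member.dup, FORGED, SHARED_FIELDS).role  # role changes
  puts update_profile(member.dup, FORGED, PROFILE_FIELDS).role # role unchanged
end
```

In the real application the same property is worth pinning down with a request test: a PATCH to `update_profile` that includes `role` must leave the stored role untouched.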



We now need to update our routes file again for the new user methods


namespace :dashboard do
  resources :mains
  root to: "mains#index"
  resources :users do
    collection do
      patch 'update_password'
      patch 'update_profile'
      patch 'update_profile_image'
      post  'create_user'
    end
  end
end



In the next tutorial we will create the index, show, new, and edit pages for the users controller. We will also create four partials for updating passwords, profiles, profile images, and for creating users. We will also add the Bootstrap 4 gem and begin styling our application.

See you at the next post!

Click here to go back to part 4.