Devise confusing routes

I had a similar problem yesterday.

I would go to the root of my site and I would get a Too Many Redirects
message. It seems like there was an infinite loop. After struggling for
over an hour yesterday late at night, it seemed like I fixed it.

But now, when I want to create a New User, it’s redirecting me to the
Sign In screen. Seems like I didn’t fix the problem completely.

I think Devise is confusing the routes. If I do rake routes, I get
this…

new_user_session GET /users/sign_in(.:format)
user_session POST /users/sign_in(.:format)
destroy_user_session DELETE /users/sign_out(.:format)

new_user GET /users/new(.:format)
edit_user GET /users/:id/edit(.:format)
user GET /users/:id(.:format)

This is routes.rb

devise_for :users, :controllers => { :registrations =>
‘users/registrations’ }

resources :companies
resources :users
resources :companies do
resources :users
end

I think the routes are getting confused somehow. Because when I click on
Create New User button, it seems me to the Sign in form
(new_user_session, instead of new_user).

Actually if you are using devise for registration, you probably want to
use
the new_user_registration route. It’s possible your Users controller is
secured, so it’s not allowing access unless the user is logged in (and
thus
redirects to the sign in page).

I just remembered what fixed the Too Many Redirects error last night. I
move the devise_for statement to the top of the routes file.

devise_for :users, :controllers => { :registrations =>
‘users/registrations’ }

But it just fixed the Too Many Redirects. My New User form it’s not
fixed.

SO you notice how it’s hitting the RegistrationsController when I click
the Create User button?

Rendered users/new.html.erb within layouts/application (52.3ms)
Completed 200 OK in 208ms (Views: 59.4ms | ActiveRecord: 0.8ms)

Started POST “/users” for 127.0.0.1 at Thu Jul 14 13:21:25 -0500 2011
Processing by Users::RegistrationsController#create as HTML
Parameters: {“commit”=>“Create User”,

The user is logged in. So it’s redirecting me to the root url with the
message “You are already signed in”.

So I go to create new user form, I click Create User, and then redirects
me to the root url “You are already signed in”.

This is my log:

Started GET “/users/new” for 127.0.0.1 at Thu Jul 14 13:21:18 -0500 2011
Processing by UsersController#new as HTML
User Load (0.4ms) SELECT “users”.* FROM “users” WHERE “users”.“id” =
2 LIMIT 1
Rendered users/_form.html.erb (14.8ms)
Role Load (0.3ms) SELECT “roles”.* FROM “roles” WHERE “roles”.“id” =
3 LIMIT 1
Rendered users/new.html.erb within layouts/application (52.3ms)
Completed 200 OK in 208ms (Views: 59.4ms | ActiveRecord: 0.8ms)

Started POST “/users” for 127.0.0.1 at Thu Jul 14 13:21:25 -0500 2011
Processing by Users::RegistrationsController#create as HTML
Parameters: {“commit”=>“Create User”,
“authenticity_token”=>“LhvatktCSdtm0345646tHMrsAar3ht84/vbmTnc834I8=”,
“utf8”=>“✓”, “user”=>{“title”=>“”,
“password_confirmation”=>“[FILTERED]”, “username”=>“”, “last_name”=>“”,
“password”=>“[FILTERED]”, “first_name”=>“”, “email”=>“”}}
User Load (0.6ms) SELECT “users”.* FROM “users” WHERE “users”.“id” =
2 LIMIT 1
Redirected to http://localhost:3000/
Completed 302 Found in 74ms

On Thursday, July 14, 2011 2:25:29 PM UTC-4, Ruby-Forum.com User wrote:

The user is logged in.

That sounds like it’s your problem. The Devise registrations controller
does
not allow a user to be logged in. The only reason you don’t get that
error
for your “new” action is because you aren’t using the “new” action from
the
devise registrations controller - you’re using the “new” action from
your
users controller.

Check out line 2:

This is getting extremely frustrating! >:-(

So I moved the devise_for statement, under resources users:
resources :companies
resources :users

resources :companies do
resources :users
end

devise_for :users, :controllers => { :registrations =>
‘users/registrations’ }

and now the form DOES WORK, but now I’m back at the Too Many Redirects
error!!!

If I remove the before_filter :authenticate_user! in the application
controller I get errors like Couldn’t find User with ID=sign_in or
Couldn’t find User with ID=sign_out

My neck hurts from tension! :frowning:

The “devise_for :users” should go before your “resources :users”

The problem is most likely occurring because you have mixed references
to
your users controller and the devise registrations controller. Without
seeing your code it’s impossible to determine exactly where the problem
is.

Does your “create new user” link go to new_user_registration_path? It
should.

oh ok, well, yes maybe that’s it! Maybe it was kinda obvious and I
didn’t see it! There is two different ways to create a new user.

SIGN UP
A Sign Up form, where people can subscribe to the Web App. When they
subscribe, it creates an account for them and a user is created via the
Sign Up form (a modified version of Devise Sign Up form)

ACCOUNT OWNER ADDING USERS
A Create New User form from INSIDE the Web App, where the Account Owner
can add users for the Web App.

The one in which I’m currently working on, it’s on the form from INSIDE
the Web App so Account Owners can add people to the account. So I guess
whenever a new user is attempted to be created, Devise sends them to
the, duh, Registration Controller. But I need a form that it’s supposed
to be handled by the User Controller.

How do you recommend I tackle that problem? Should do something to use
the Registration Controller or should I use the User Controller?

Still the question remains, why does the Create New User form from the
Users Controller sends me to the Sign In page, realizes I’m already
signed in, then redirects me to the root url with message “You are
already logged in”?

Ok, so just moved devise_for at the top of the routes file.

This is my users controller. I removed a lot of code to isolate the
problem, but even without that code, it shouldn’t tell me “user is
already sign in” and send me to the root url.


def index
@companies = Company.all(:conditions => [“account_id == ?”,
current_user.account_id])
@users = User.all(:order => ‘email’)

respond_to do |format|
  format.html # index.html.erb
end

end

def show
@user = User.find(params[:id])

respond_to do |format|
  format.html # show.html.erb
end

end

POST /users

POST /users.xml

def create
@user = User.new
respond_to do |format|
if @user.save
format.html { redirect_to(edit_user_path(@user), :notice =>
‘User was successfully created.’) }
format.xml { render :xml => @user, :status => :created,
:location => @user }
else
format.html { render :action => “new” }
format.xml { render :xml => @user.errors, :status =>
:unprocessable_entity }
end
end
end

def new
@user = User.new
respond_to do |format|
format.html # new.html.erb
format.xml { render :xml => @user }
end
end

User model
belongs_to :account
belongs_to :role
belongs_to :company

has_many :tickets , :foreign_key => ‘requestor_id’ #, :class_name =>
‘Ticket’

has_many :tickets, :class_name => ‘Ticket’, :foreign_key => ‘ti’

has_many :requestors, :class_name => ‘User’, :foreign_key =>

‘requestor_id’

has_many :assignees, :class_name => ‘Ticket’

has_many :solvers, :class_name => ‘Ticket’

validates :email, :username, :first_name, :last_name, :presence =>
true, :uniqueness => true
validates :role_id, :account_id, :company_id, :presence => true

has_many :tickets, as => :assignee

has_many :tickets

Include default devise modules. Others available are:

:token_authenticatable, :encryptable, :lockable, :timeoutable and

:omniauthable
devise :database_authenticatable, :registerable, :confirmable,
:recoverable, :rememberable, :trackable, :validatable

Setup accessible (or protected) attributes for your model

attr_accessible :username, :email, :password, :password_confirmation,
:remember_me, :account_id, :company_id, :title, :last_name, :first_name


Company model

class Company < ActiveRecord::Base
has_many :users
has_one :account
validates :name, :account_id, :presence => true
end

Registration Controller
class Users::RegistrationsController < Devise::RegistrationsController

def new
end

def create
end
end

routes

devise_for :users, :controllers => { :registrations =>
‘users/registrations’ }

resources :companies
resources :users

resources :companies do
resources :users
end

new user form

company id: <%= params[:company_id] %>

<%= form_for(@user) do |f| %>
<% if @user.errors.any? %>


<%= pluralize(@user.errors.count, “error”) %> prohibited this
user from being saved:

  <ul>
  <% @user.errors.full_messages.each do |msg| %>
    <li><%= msg %></li>
  <% end %>
  </ul>
</div>

<% end %>

<%= f.label :first_name %>
<%= f.text_field :first_name %>
<%= f.label :last_name %>
<%= f.text_field :last_name %>
<%= f.label :username %>
<%= f.text_field :username %>
<%= f.label :title %>
<%= f.text_field :title %>
<%= f.label :email %>
<%= f.text_field :email %>

<% # Display password fields only if user is creating a new user %>
<% if params[:action] == ‘new’ %>

<%= f.label :password %>
<%= f.password_field :password %>
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation %>
<% end %>
<%= f.submit %>
<% end %>

Yep, I already understood what the problem was.

For my own future reference and if anybody else runs into the same
problem.

Devise uses RegistrationController to create new users via the Sign Up
form. If you try to add new users on your own by creating your very own
User model, controller and views, this is what’s going to happen: when
you submit the new user form. The app will try to use the
RegistrationController instead of the UsersController.

I’m going to try to do something else. Maybe something like this…