Forum: Ruby on Rails display signup form to enter admin account details

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
C7da1c726f89b6b7c37e8a22c0e0382d?d=identicon&s=25 Amita Bhatkhande (amita0204)
on 2008-12-23 14:21
I would like to display a user account signup form if no user is
present. The signup form will then create a new user account with admin
privileges.

Right now I am creating a pre-defined / hard coded admin account.
Whenever user clicks on a login page, the application checks for an
account with admin privileges. If no such account is found, then I am
creating an admin account. Usually it will occur during first run of the
application.

I would like to prompt user to create an admin account automatically,
i.e., without user having to click on any link. How can I invoke my
signup method in this manner? Where should I define it and call it from?

Thanks,
Amita.
80e4cb97cae5c8d745f72337d93fd8f2?d=identicon&s=25 MaD (Guest)
on 2008-12-23 14:28
(Received via mailing list)
first of all: what sense makes an admin-account if everybody gets one
automatically?
second: what information do you store? without having the user at
least choose a username, password, how would you recognise which user
is which?

i'd really want to help, but it seems i don't understand what you are
doing here.
C7da1c726f89b6b7c37e8a22c0e0382d?d=identicon&s=25 Amita Bhatkhande (amita0204)
on 2008-12-23 15:31
Not everyone gets an admin account automatically.
Current approach:
The user already knows username and password of this admin account
(included in README file). When user clicks on the login button, the
application checks if any user with admin privileges exists. If not,
then an account with admin privileges is setup. Admin user can change
his/her password thereafter. On subsequent runs (when admin account is
already exists), another admin account won't be created and there exists
only one admin account. Also, once created the admin account can not be
deleted.

Problem: Every time user clicks on the login button, the method to make
admin account if no exists is called upon.

What I would like to do:
When user runs the application and no admin account exists, then display
a signup/create admin form to create an admin account. Usually this will
occur during first run, but not necessarily.

How can I implement this? Other suggestions are welcome..

Thanks,
Amita.


MaD wrote:
> first of all: what sense makes an admin-account if everybody gets one
> automatically?
> second: what information do you store? without having the user at
> least choose a username, password, how would you recognise which user
> is which?
>
> i'd really want to help, but it seems i don't understand what you are
> doing here.
80e4cb97cae5c8d745f72337d93fd8f2?d=identicon&s=25 MaD (Guest)
on 2008-12-23 15:43
(Received via mailing list)
On 23 Dez., 15:31, Amita Bhatkhande <rails-mailing-l...@andreas-s.net>
wrote:
> What I would like to do:
> When user runs the application and no admin account exists, then display
> a signup/create admin form to create an admin account.
if i understand correctly, you need to write some code roughly like
the following in your controller:

if User.find(:all, :conditions => {:group_id => Group.find_by_name
("admin").id}).size == 0
  # render create_admin_account as none exists so far
else
  # admin-account exists => just login
end


> Problem: Every time user clicks on the login button, the method to make
> admin account if no exists is called upon.
do you already have some code to see where what could be wrong about
it?
C7da1c726f89b6b7c37e8a22c0e0382d?d=identicon&s=25 Amita Bhatkhande (amita0204)
on 2008-12-23 16:17
I think our logic is pretty much similar. The problem is where should I
place my code in the new approach. In current scenario, login
button/action is triggering the make_admin_if_none method. So for every
click on login button this method will be called upon. So is there any
better way to do this? See code below...

Code:
# login controller
# User clicks on login button, which invokes login action
 def login
    if request.post?
      User.make_admin_if_none  #make sure admin exists
      user = User.authenticate(params[:username], params[:password])
      params[:password] = nil
      if user
        session[:user] = user.id
        session[:user_role] = !user.role.nil? ? user.role.name : nil
        uri = session[:original_uri]
        session[:original_uri] = nil
        redirect_to(uri || {:controller => :main, :action => :index})
        return
      end
      flash[:notice] = FAILED_LOGIN
 end

# User model
# User.make_admin_if_none
# This will create admin account if none
  def self.make_admin_if_none
    return if self.find_by_role("admin")

    user = User.new(:username => "admin", :password => "admin")
    role = Role.find_by_name('admin')
    user.role = role
    user.save!
  end

# Roles table is already populated with roles


Thanks,
Amita.


MaD wrote:
> On 23 Dez., 15:31, Amita Bhatkhande <rails-mailing-l...@andreas-s.net>
> wrote:
>> What I would like to do:
>> When user runs the application and no admin account exists, then display
>> a signup/create admin form to create an admin account.
> if i understand correctly, you need to write some code roughly like
> the following in your controller:
>
> if User.find(:all, :conditions => {:group_id => Group.find_by_name
> ("admin").id}).size == 0
>   # render create_admin_account as none exists so far
> else
>   # admin-account exists => just login
> end
>
>
>> Problem: Every time user clicks on the login button, the method to make
>> admin account if no exists is called upon.
> do you already have some code to see where what could be wrong about
> it?
80e4cb97cae5c8d745f72337d93fd8f2?d=identicon&s=25 MaD (Guest)
on 2008-12-24 09:30
(Received via mailing list)
your problem is that you are calling

  User.make_admin_if_none

and in there you are asking

  self.find_by_role(admin)

now, as this is a class-method self would be the user-class, but not
an instance of it, which means it is not a single user and thus cannot
have the role 'admin'. therefor your if-clause always gets evaluated
to false and you create a new user every time someone hits that
button.

make it an instance-method (= get rid of the 'self.' in method-
definition and adjust the logic accordingly). and call it like this

  user = User.authenticate(params[:username], params[:password])
  user.make_admin_if_none

hope this helps...
80e4cb97cae5c8d745f72337d93fd8f2?d=identicon&s=25 MaD (Guest)
on 2008-12-24 09:46
(Received via mailing list)
another thought:
it would be better to include that kind of logic into the registration-
process. that way you dont have to call it every time someone logs in.

something like this:

  def register
    user = User.new
    admins = Group.find_by_name("admin")
    if admins.users.size == 0
      user.groups << admins
    end
  end

hard to tell you which way to go. in the end it's YOUR application.
still i hope i could give you some inspiration.
This topic is locked and can not be replied to.