I have a nested model form for user sign up, which creates a user and a location at the same time. I want the user who creates the location to be assigned the admin role automatically. I'm using devise/cancan/rolify. Any ideas on how to do this?
Ability model
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.has_role? (:admin, Location.first)
can :manage, :all
end
Location model
class Location < ActiveRecord::Base
resourcify
has_and_belongs_to_many :users
accepts_nested_attributes_for :users, :allow_destroy => true
attr_accessible :lat, :long, :name, :street_address, :places_id, :user_attributes
validates_uniqueness_of :places_id, :message => "location already taken"
end
User model
class User < ActiveRecord::Base
has_and_belongs_to_many :locations
accepts_nested_attributes_for :location
rolify
resourcify
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
attr_accessible :role_ids, :as => :admin
attr_accessible :name, :email, :password, :password_confirmation, :remember_me, :location_attributes
end
Role model
class Role < ActiveRecord::Base
has_and_belongs_to_many :users, :join_table => :users_roles
belongs_to :resource, :polymorphic => true
scopify
end
And finally, the form for sign up
<% resource.build_location %>
<%= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => {:class => 'form-vertical' }) do |f| %>
<%= f.error_notification %>
<%= f.fields_for :location do |location_form| %>
<%= location_form.text_field :name, "data-geo" => "name" %>
<%= location_form.text_field :places_id, "data-geo" => "id" %>
<% end %>
<%= f.input :name, :autofocus => true %>
<%= f.input :email, :required => true %>
<%= f.input :password, :required => true %>
<%= f.input :password_confirmation, :required => true %>
<%= f.button :submit, 'Sign up', :class => 'btn-primary' %>
<% end %>
<%= render "devise/shared/links" %>
You will need to add user.add_role :admin, location
in your controller that will handle the signup form post request. This is probably your users_controller.rb
in the create
function