Ruby on rails 3 设计:将任何用户密码更改为管理员
这看起来很简单,我有一个控制器动作如下:Ruby on rails 3 设计:将任何用户密码更改为管理员,ruby-on-rails-3,devise,Ruby On Rails 3,Devise,这看起来很简单,我有一个控制器动作如下: class Admin::UsersController < Admin::BaseController ... def update_password @user = User.find(params[:user][:id]) @user.password = params[:user][:password] if @user.save! Notifier.admin_password_change(@user).delive
class Admin::UsersController < Admin::BaseController
...
def update_password
@user = User.find(params[:user][:id])
@user.password = params[:user][:password]
if @user.save!
Notifier.admin_password_change(@user).deliver
flash[:success] = "Password Changed!"
redirect_to edit_admin_user_path(@user)
else
render "edit"
end
end
end
而且它似乎从来都不起作用。我需要更高级的东西吗?以下是我在rails控制台中看到的内容:
Started PUT "/admin/users/update_password" for 127.0.0.1 at 2013-07-15 10:01:50 -0600
Processing by Admin::UsersController#update_password as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"ipedx2MJDZTQct6I4FUObrzDpMNl3pQWNVr9Ez7bDVc=", "user"=>{"id"=>"226", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Change Password"}
(6.8ms) ALTER SESSION SET EDITION = EPACT_REDESIGN
User Load (8.4ms) SELECT "CRED_APP_USERS".* FROM "CRED_APP_USERS" WHERE "CRED_APP_USERS"."ID_NUMBER" = 10040 AND ROWNUM <= 1
CodeModel Load (9.1ms) SELECT "CRED_CODES".* FROM "CRED_CODES" WHERE (table_name = 'CRED_VEHICLES' OR table_name = 'CRED_FLEET')
User Load (3.6ms) SELECT "CRED_APP_USERS".* FROM "CRED_APP_USERS" WHERE "CRED_APP_USERS"."ID_NUMBER" = :a1 AND ROWNUM <= 1 [["id_number", "226"]]
(3.3ms) UPDATE "CRED_APP_USERS" SET "ENCRYPTED_PASSWORD" = 'ENCRYPTED PASSWORD STRING', "MODIFY_DT" = TO_DATE('2013-07-15 16:01:50','YYYY-MM-DD HH24:MI:SS') WHERE "CRED_APP_USERS"."ID_NUMBER" = 226
Rendered notifier/admin_password_change.erb (0.1ms)
Sent mail to random@person.com (22ms)
...
我做错了什么?电子邮件会在控制台中打印出来,屏幕顶部会出现:success flash,但密码没有更改。无法解释原因,但我需要设置密码重置令牌,然后它就工作了。下面是该方法现在的样子:
def update_password
@user = User.find(params[:user][:id])
@user.reset_password_token = 'temp'
@user.save!
if @user.reset_password!(params[:user][:password], params[:user][:password_confirmation])
Notifier.admin_password_change(@user).deliver
flash[:success] = "Password Changed!"
redirect_to edit_admin_user_path(@user)
else
render "edit"
end
end
重置密码时,令牌会被吹走!方法运行。我在文档中找不到任何暗示需要重置密码令牌的内容,但似乎是必需的。我不会说这段代码很漂亮,但解决方案是可行的。如果有人想出更好的办法,我会改变我的答案