disabling Devise registration for production environment only
I am launching a beta site with a select group of users. I want to disable registration in the production environment only, and only for a short period of time (i.e. I don't want to nuke my registration altogether). I know I can simply hide the "sign up" link, but I suspect that hackers smarter than I can still use the RESTful routes to accomplish registrations. What's the best way to disable registration so my test/development environments still work, but production is affected? Thanks for any pointers.
I've tried pointing named scopes in such a way that "sign_up" goes to "sign_in", but it didn't work. Here's what I've tried:
devise_scope :user do
get "users/sign_in", :to => "devise/sessions#new", :as => :sign_in
get "users/sign_up", :to => "devise/sessions#new", :as => :sign_up
end
Ideally, we'd send the user to a "pages#registration_disabled" page or something like that. I just wanted to get something working I can play around with.
EDIT: I've changed the model as requested, then added the following to /spec/user_spec.rb
describe "validations" do
it "should fail registration if in production mode" do
ENV['RAILS_ENV'] = "production"
@user = Factory(:user).should_not be_valid
end
end
it is passing as "true" rather than false. Is there a way to mock up the production environment? I'm just spit-balling this one.
Thanks!
Answer
Edit the user model and remove :registerable, I think that should give you what you want.
Edit:
I think this would work:
if Rails.env.production?
devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable
else
devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable, :registerable
end