@account = Account.find_by_subdomain(current_subdomain) # Consider putting th

1. @account = Account.find_by_subdomain(current_subdomain) # Consider putting this into a before_filter
2.  
3. if request.post?
4. user = User.create(params[:user]) do |u|
5. o = [('a'..'z'),('0'..'9')].map{|i| i.to_a}.flatten # map of a-z0-9
6. u.password = (0..5).map{ o[rand(o.length)] }.join # create random password from map
7. u.user_type = 0 # You can override what the user wanted anyway, but attr_protected are better protections for this anyway
8. u.account = @account
9. u.contact = ''
10. end
11.  
12. if user.save
13. redirect_to admin_users_path(user) # .id will be automatically called in this context, but you need to have this route defined... This method would be auto defined if you use resources in routes and follow Rails' RESTful scaffolding.
14. end
15. end
16.  
17.  
18.  
19. in user.rb model
20.  
21.  
22. class User
23. # Whatever you already have in there, including validations and relationships
24. attr_protected :user_type
25. end