Added automatically applying all default entered users to being a "user".

app/controllers/users_controller.rb

@@ -12,9 +12,9 @@ class UsersController < ApplicationController
   end
 
   def create
-    @user = User.new(user_params)
+    @user = User.new(user_params.except(:roles))
     if @user.save
-      assign_roles(@user)
+      update_user_roles(@user, params[:user][:roles] || ['user'])
       redirect_to users_path, notice: 'User was successfully created.'
     else
       render :new
@@ -43,7 +43,12 @@ class UsersController < ApplicationController
   end
 
   def user_params
-    params.require(:user).permit(:email, :password, :password_confirmation, :remember_me, :first_name, :last_name, :phone, :company, :access_revoked, :access_start_date, :access_end_date, roles: [])
+    params.require(:user).permit(
+      :email, :password, :password_confirmation, :remember_me,
+      :first_name, :last_name, :phone, :company, 
+      :access_revoked, :access_start_date, :access_end_date, 
+      roles: []
+    )
   end
   
 
@@ -62,9 +67,10 @@ class UsersController < ApplicationController
   
 
   def update_user_roles(user, roles_names)
-    user.roles.delete_all # Remove existing roles
+    user.roles.delete_all # Remove existing roles if you want to reset roles on update
+    roles_names = ['user'] if roles_names.blank? # Ensure there's a default role
     roles_names.each do |role_name|
-      user.add_role(role_name) unless role_name.blank?
+      user.add_role(role_name)
     end
   end
   

app/models/user.rb

@@ -1,4 +1,9 @@
 class User < ApplicationRecord
   rolify
   devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable
+
+  def active_for_authentication?
+    super && !access_revoked
+  end
+  
 end