So made a huge mistake and accidentally removed all permissions for the sole administrator role. Any ideas how I can reverse this or fix it?
Related
I am not trained nor experienced in Ruby-on-Rails. I am a hobbyist developer trying to implement a customization of the openstreetmap-website. So far much of it is working well, and I'm happy with the result.
It is running here: https://opengeofiction.net
This is a reimplementation of a site that has been active since 2012. We have about 200 active users. The former developer decided to abandon the site so I and a group of users have been working to host it.
Most aspects of the site are working fine, but my users keep seeing two issues (I'm guessing they are related) which is driving us all crazy:
"ActionController::InvalidAuthenticityToken" errors
frequent random forced logouts while navigating the site
I think I more-or-less understand what the Authenticity Tokens are and what they're trying to do, but that doesn't help me to even troubleshoot the problem, given I am not an experienced Rails developer.
Can anyone make any suggestions of places to look for answers (either within the application itself, or online forums)?
Is there a way to disable, site-wide, the Authenticity Token system? I don't think it's necessarily needed for a hobbyist site without anything much at stake.
I tried a way I found, a kind of "per controller" disabling of the tokens, using this line at the top of each of the controller pages:
skip_before_action :verify_authenticity_token
This made the ActionController error disappear, but made the forced logout problem worse.
Perhaps the forced logout problem is unrelated? I don't think so, though.
Please be forgiving in your responses. I have worked as a SQL coder and database developer in the past, but this "front end" stuff is pretty much alien to me.
The website is running on Ubuntu 20.04 LTS virtual server. I downloaded a commit of the openstreetmap-website code in late May. Happy to append any other information if people have suggestions for what's relevant.
Thank you in advance.
Credit to my one responder, for their suggestion. As it turned out, we didn't get so far as to try that, because we found out the underlying problem.
Apparently, the openstreetmap-website ("rails port") expects that a production instance will have a tool called memcache installed. It was another member of our team who figured this out, so I don't have the details, but I think that's enough of a hint if someone finds this question in the future and is trying to solve the issue.
Although we are still running the "rails port" as a development instance (rather than production), we are doing so as a de facto production instance, with 100's of active users.
This level of deployment requires memcache to manage the authenticity tokens, I guess.
If I get more details from my colleague about specific steps he took, I'll amend this answer.
Meanwhile, our site is up and running quite well, now.
I'm building a project where the user can access a CMS like admin system (I'm using the built in login that comes with MVC 4 projects). Each site will store the data in it's own SQL CE database. I want to publish the project without any existing db, and then let Entity Framework create it for me on the first hit.
The problem is that I can't let the /Account/Register method be [AllowAnonymous], so I need to have an already existing admin account in the "Users" table.
I want to have a "superuser" account that is already there when the db gets created, and then through this account I will log in and create a user account for the customer that is going to be using the CMS.
Is this possible, or do I need to drop this idea and just publish the project with an existing db?
If you have any other smart solutions, I'm all ears!? ;)
PS. The reason why I don't want to publish the site with a db is that I might accidentally overwrite any existing data if I do some bug fixes and forget to exclude the db from the project before deployment (for already existing sites etc).
I also have it set up so the Seed method fills the database with "starup" values, so the user starts with a clean slate.
Hopefully someone have any good ideas. I've tried searching but I couldn't really find what I was looking for.
Found the solution here:
http://kevin-junghans.blogspot.se/2013/01/seeding-customizing-aspnet-mvc.html
/ Mikael
Say I have a the models:
File
FileGroups
User
UserGroups
I'd like to be able to manage the user's permissions to file's based on whether or not they are in a certain group. Now these permissions aren't set in stone and can be altered by an administrator through the UI.
Are there any rails specific gems that can help out with this? I believe declarative auth isn't something that would suit my needs as it is explicitly defined in the code.
Any insight would help. Anything to save me from coding a permissions system myself.
Thank you kindly.
I used:
1) cancan - https://github.com/ryanb/cancan
and
2) acl9 - https://github.com/be9/acl9
I've managed to setup authlogic, and quite nice it appears too. Is it secure enough out of the box?
I haven't really configured it too much. I'm going to be using it on a school website where the headmaster basically logs in with username and password to edit notices on the website. So it needs to be secure, but it ain't a bank or an e-commerce site or anything.
All I've done is restrict access to all the edit pages so you need username password and was going to leave my security at that. What do you think?
Restrict access to new, create, edit, update and delete (so only show actions are 'in the clear').
Other than that, I've never come across mention of any Authlogic security issues with a default configured Authlogic setup. Most of the configuration options are provided for dealing with specific requirements imposed by certain environments rather than something that is required for clean environments.
Be sure to add functional tests to ensure that anyone who is not logged on cannot do new, create,edit,update and delete actions. The beauty with tests in this situation is that sometimes they weed out things you may have missed in the initial coding.
We are migrating from one domain to another, and I'd like to be able to keep my same workspace, user settings, history, etc.
Is there any way to change just my domain or log in name within Team Foundation Server?
I don't know the answer, but I do know enough about TFS to be a little bit frightened about it.
If I understand you correctly, you want to change the domain that your users are authenticating as but you want to keep all the same user id's pointing to the same accounts in TFS?
TFS is highly integrated with Active Directory, and stores AD SID's around the place. It also is pretty sensitive to changes in the AD configuration.
I seem to remember one customer that I know of who has done this before, but I cannot find details of it now. I think that your best bet is to call Microsoft Product Support and raise a support incident about it as I have a vague memory that there was some special tool that had to be ran - but I could be mistaken.
Good luck,
Martin.
I know your login name is done through your Domain Controller but I dont know how that will work with switching which domain your TFS is on. Are you trying to move which domain the TFS installation is on or which domain your PC is on?