I have an role column in my User model and I want to prevent someone from accessing the rails_admin routes if they don't have an admin flag. Since the RailsAdmin::MainController doesn't inherit from ApplicationController I'm not sure how I can insert this check before the view loads.
I'm not keen on creating a new Admin model as per the devise docs. I would like to use the same user account.
Does anyone have any suggestions? =)
You can define from which controller your rails admin will inherit by defining it in the config/initializers/rails_admin.rb file like this:
RailsAdmin.config do |config|
config.parent_controller = '::ApplicationController'
end
And also i recommend using a gem to handle authorization, cancancan or pundit will handle nicely your use case.
Related
I am using devise gem. I would like to add one more condition check while the user clicks in login button. So far I haven't customized create method in the sessions controller.
I would like to add a condition like if user.valid? There is one field called valid in the database.
What is the best way to do this with devise?
Any guidance or help would be appreciated
Check this documentation, the main idea is to override active_for_authentication?.
class User < ActiveRecord::Base
def active_for_authentication?
super && special_condition_is_valid?
end
end
As an admin I have a specific role
I want to see and switch event for object
Depends on my role
Inspired by activeadmin_addons and its Enum Integration I want to make similar functionality for AASM by letting diffent admin users change events depending on their abilities/roles for specific events/statuses in model.
Taken from here, please see this link for additional files you need
Prequestites:
Gem: ActiveAdmin,
Gem 'active_admin_role', both are installed and working AdminUser model with current_admin_user setup (or similar to your app).
Tested with Rails 5.1.3.
After you finish and deploy/run server you must "Reload" Permissions in admin and enable "event_update" for manager or other than "super_admin" roles.
Smaller addons you'll need to do:
(in addition to below attached files)
In your AdminUser model add:
include CanCan::Ability
include ActiveAdminRole::CanCan::Ability
In your table_for (is where you render columns of data):
column 'Our Status' do |auction|
render 'admin/auctions/event_change', auction: auction
end
In initializers/active_admin.rb or whenever you want
ActiveAdmin::ResourceController.class_eval do
protected
def current_ability
# Match to your current admin user
#current_ability ||= Ability.new(current_admin_user)
end
end
also make sure your config:
config.authorization_adapter = ActiveAdmin::CanCanAdapter
config.authorization_adapter = ActiveAdmin::CanCanAdapter
config.cancan_ability_class = 'Ability'
Pardon me if I forgot something, let me know if you have any question or problem !
I'm trying to apply this post ( Devise update user without password ) for users don't need to insert password to update informations.
But, I'm very confused where is this controller. Devise don't create any controller in my app/controller folder. I search in all the folders but I cant find.
Where I that controller?
I see posts talking about create a new controller, but I just want to modify little things.
You don't edit (or shouldn't) the Devise controllers. Instead you create your own controller and inherent from the Devise controller.
# app/controllers/registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
def new
super
end
def update
# add custom update logic here
end
end
Notice how RegistrationsController inherets from Devise::RegistrationsController. Now you can overide the registration methods (or modify them and call super). Even the page you are referencing about overriding the devise default behavior relies on class inheritance.
JTG offers good advice, you shouldn't edit the gem directly. As a more direct answer to the question:
To print the folder of your gem:
$ bundle show devise
To open the gem in a text editor ( while being sure not to change anything )
$ bundle open devise
I am using Devise and Rails 4. I want to add multiple User Models(admin, usertype1, usertype2) such that they inherit from the main User Model. I have searched many posts and come to the conclusion that I may use CanCan, which I do not want, or I may use Single Table Inheritance.
The way I see it is to add a type string-column to my main User model I created with Devise. I will also need to extend each sub-class from the parent as in:
class Admin < User
end
class Usertype1 < User
end
class Usertype2 < User
end
My question is: what do I do next? How exactly do I know how to access the type column? Do I also need to override the Devise Controller for the current_user helper method such that I can have current_admin for example?
I'm not sure this really answers the original question. I am trying to set up multiple session controllers for Devise, and it seems like it really does require multiple models for this use case. Will post back when I've got a working version.
You can also use the easy_roles gem. It is available on github. This gem provides a bitmask solution for your different user roles. You just must have one model, e.g User, this model gets an attribute "role". Just checkout the docs on github.
Devise + easy_roles + CanCan is a very good setup, it is very convenient in my opinion. I use this quite often.
Link to github: https://github.com/platform45/easy_roles
STI will give you current_admin, current_user1 and current_user2 Devise methods.
In application_controller.rb, create a custom current_user method like this:
def current_user
if current_admin
current_admin
elsif current_user1
current_user1
else
current_user2
end
end
helper_method :current_user
You will need some work on routes.rb and a custom sessions_controller.rb. See the accepted answer here Rails: Using Devise with single table inheritance
I'm using devise and acts_as_tenant gem and it seems the devise controllers don't inherit from ApplicationController (???) so don't have access to set_current_tenant_by_subdomain
When the password reset link is clicked I get no Tenant scoping by subdomain.
So how do you handle this? Is there an easy way to open up the DeviseControllers to ensure
set_current_tenant_by_subdomain is called?
Thanks so much
There are a few steps to solve this.
Customize the Devise views to include the tenant details. You can do it by using rails generate devise:views and editing the generated views.
Patch DeviseController so that it includes set_current_tenant_by_subdomain. DeviseController is inherited by the device controllers (confirmations, registrations, forgot password, etc.)
The patching would look something like this:
class DeviseController < Devise.parent_controller.constantize
set_current_tenant_by_subdomain(:account, :subdomain)
end