I would like to know if there is a more elegant way to chain has_many through relationships. In my example I have a user whom can have multiple roles. Each role has multiple permissions. So a user has multiple permissions. The code below works fine, but I am wonder if there is a better way to do this.
class User < ActiveRecord::Base
has_many :role_user_mappings
has_many :roles, through: :role_user_mappings
def permissions
permitted_actions = []
self.roles.each do |role|
role.permissions.each do |permission|
permitted_actions << permission
end
end
permitted_actions
end
end
class Role < ActiveRecord::Base
has_many :permission_role_mappings
has_many :permissions, through: :permission_role_mappings
end
class Permission < ActiveRecord::Base
end
class PermissionRoleMapping < ActiveRecord::Base
belongs_to :permission
belongs_to :role
end
class RoleUserMapping < ActiveRecord::Base
belongs_to :user
belongs_to :role
end
I would like to be able to do this.
user.permissions
EDIT: Tried
On thing that I tried that at least DRYs the User model a little bit is adding the function as a concern
module Permittable
extend ActiveSupport::Concern
def permissions
permitted_actions = []
self.roles.each do |role|
role.permissions.each do |permission|
permitted_actions << permission
end
end
permitted_actions
end
end
Have you tried..
class User < ActiveRecord::Base
has_many :role_user_mappings
has_many :roles, through: :role_user_mappings
has_many :permissions, through: roles
That should give you
user.permissions
I'm not sure when the HMT via HMT feature was made available, I know it was missing in earlier versions of rails, but it works for me on Rails 5.
If you do this:
class Permission < ActiveRecord::Base
has_many :permission_role_mappings
end
Then you should be able to do this:
class User < ActiveRecord::Base
has_many :role_user_mappings
has_many :roles, through: :role_user_mappings
def permissions
Permission.
joins(:permission_role_mappings).
where(permission_role_mappings: {role: roles})
end
end
By the way, you may already know this and it may be why you're asking the question... but this is going to give you an N+1 query:
permitted_actions = []
self.roles.each do |role|
role.permissions.each do |permission|
permitted_actions << permission
end
end
permitted_actions
Also, FWIW, when wanting an array back from a collection, you don't need to do:
permitted_actions = []
self.roles.each do |role|
...
end
permitted_actions
You can just do:
roles.map do |role|
...
end
Since map returns an array.
Related
My use case is, if the user have role :agency, he can see clients. But I have to use the link between the client's and agency to verify this. Take a look bellow to see my code:
class Agency < ApplicationRecord
has_many :agency_clients
has_many :clients, through: :agency_clients
resourcify
end
class AgencyClient < ActiveRecord::Base
belongs_to :agency
belongs_to :client
end
class Client < ApplicationRecord
has_many :agency_clients
has_many :agencies, through: :agency_clients
resourcify
end
class ClientPolicy < ApplicationPolicy
def show?
user.has_role?(:admin) || user.has_role?(:client, record)
end
class Scope < Scope
def resolve
if user.has_role? :admin
scope.all
elsif user.has_role? :client, :any
scope.with_role(:client, user)
else
scope.none
end
end
end
end
Thanks!
This way solved my problem. I hope it helps others.
My model Agency has many Clients:
class Agency < ApplicationRecord
has_many :clients
resourcify
end
My User have relationships:
class User < ApplicationRecord
has_many :users_roles
has_many :roles, through: :users_roles
has_many :agencies, through: :roles, source: :resource, source_type: 'Agency'
rolify
...
end
Need create the UsersRole model:
class UsersRole < ApplicationRecord
belongs_to :user
belongs_to :role
end
Finally, my ClientPolicy:
class ClientPolicy < ApplicationPolicy
def show?
user.has_role?(:admin) || user.has_role?(:client, record)
end
class Scope < Scope
def resolve
if user.has_role? :admin
scope.all
elsif user.has_role? :client, :any
scope.with_role(:client, user)
elsif user.has_role? :agency, :any
scope.where(agency_id: user.agencies.pluck(:id))
else
scope.none
end
end
end
end
My app has many interrelationships like:
# Company
has_many :programs
has_many :projects
has_many :users
# Project
has_many :users
has_many :programs
belongs_to :company
# User
belongs_to :project
has_many :programs
belongs_to :company
# Program
belongs_to :project
belongs_to :user
belongs_to :company
Every program must belong to a project and user, BOTH OF WHICH belong to current_user.company.
Approach 1 - controller upon create/update
#program = Program.new(program_params)
#program.company = current_user.company
#allowed_projects = current_user.company.projects
unless #allowed_projects.include? #program.project
raise Exception
end
Approach 2 - model-based validation
before_save :ensure_all_allowed
def ensure_all_allowed
current_user = ???
self.company_id = current_user.company_id
# Then a similar validation to above for self.project_id
end
I feel these are both awkward and not 'the Rails way'.
I assume Approach 2 is the better method because it'll save all this awkward controller code and hold better to the MVC standard.
How can I validate these items correctly?
It's actually somewhat problematic to access current user in a model. It's not impossible, but it requires an around_action that will load the current user in the model class in a thread safe way.
Better would be to assign the current user in the controller
#program.user = current_user
#program.company = #program.user.company
Then do the validation in the model
validate :project_must_be_allowed
def project_must_be_allowed
unless company.projects include project
errors.add(:project, "Project is not valid for company.")
end
end
However, it would be a more normalized setup if you did through relationships
class Company
has_many :users
has_many :projects, through: :users
That way your 'projects' table doesn't need a company_id
You could still do the validation as I described but you'd have to add one method to the model...
def company
user.company
end
or more simply...
delegate :company, to: :user
Since Program has a belongs to relation to both user a and project you can setup some simple validations without worrying about the current_user. This is desirable from a MVC standpoint models should not be aware of the session or the request.
class Program < ActiveRecord::Base
# ...
validates_presence_of :user, :company, :project
# the unless conditions are there avoid the program blowing
# up with nil errors - but the presence validation above covers
# those scenarios
validate :user_must_belong_to_company,
unless: -> { company.nil? || user.nil? }
validate :project_must_belong_to_company,
unless: -> { company.nil? || project.nil? }
def user_must_belong_to_company
unless self.company == self.user.company
errors.add(:user, "must belong to same company as user.")
end
end
def project_must_belong_to_company
unless self.company == self.project.company
errors.add(:company, "must belong to same company as project.")
end
end
end
But I'm thinking that this is just a symtom of some bad relation design choices.
What you probably need is a series of many to many relations - it does not seem very realistic that a project can only have one user or a program either for that part.
class Company
has_many :users
has_many :projects
has_many :assignments, through :projects
has_many :programs, through :projects
end
class User
belongs_to :company
has_many :projects, through: :assignments
end
class Project
has_many :assignments, class_name: 'ProjectAssignment'
has_many :users, through: :assignments
belongs_to :company
end
# you can really call this whatever floats you boat
class ProjectAssignment
belongs_to :user
belongs_to :project
end
class Program
belongs_to :project
has_one :company, through: :project
has_many :assignments, class_name: 'ProgramAssignment'
has_many :users, through: :assignments
end
# you can really call this whatever floats you boat
class ProgramAssignment
belongs_to :user
belongs_to :program
end
That would automatically eliminate the problem with the company since it gets it through a parent relation.
The second problem that a user should not be able to create programs in a project he / she is not a member of sounds like something which should instead be handled on the authorization level - not in a validation.
Pundit example:
class ProgramPolicy < ApplicationPolicy
# ...
def create?
record.project.users.include?(user)
end
end
CanCanCan example:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
can :create, Program do |p|
p.project.users.include?(user)
end
end
end
For example, let us say we have
class User < ActiveRecord::Base
has_many :networks, through: user_networks
has_many :user_networks
end
class Network< ActiveRecord::Base
has_many :users, through: user_networks
has_many :user_networks
end
class UserNetwork < ActiveRecord::Base
belongs_to :user
belongs_to :network
end
Is there a shortcut for doing the following in a controller:
#network = Network.create(params[:network])
UserNetwork.create(user_id: current_user.id, network_id: #network.id)
Just curious and I doubt it.
This should work:
current_user.networks.create(params[:network])
But your code implies you are not using strong_parameters, or checking the validation of your objects. Your controller should contain:
def create
#network = current_user.networks.build(network_params)
if #network.save
# good response
else
# bad response
end
end
private
def network_params
params.require(:network).permit(:list, :of, :safe, :attributes)
end
There has to be a better way to do this. My Favorite model belongs to User while Applicant belongs to both Gig and User. I am trying to efficiently determine whether a user has applied for Gig that was favorited (<% if #application.present? %>).
I tried chaining the collection by using something like #favorites.each.gig to no avail. While the below index action for Favorites seems to work, it's really verbose and inefficient. What is a more succinct way of doing this?
def index
#favorites = Favorite.where(:candidate_id => current_candidate)
#applications = Applicant.where(:candidate_id => current_candidate)
#favorites.each do |favorite|
#applications.each do |application|
if favorite.gig.id == application.id
#application = application
end
end
end
end
class User
has_many :applicants
has_many :gigs, :through => :applicants
has_many :favorites
end
class Favorite < ActiveRecord::Base
belongs_to :candidate
belongs_to :gig
end
class Applicant < ActiveRecord::Base
belongs_to :gig
belongs_to :candidate
end
class Candidate < ActiveRecord::Base
has_many :applicants
has_many :gigs, :through => :applicants
has_many :favorites
end
class Gig < ActiveRecord::Base
belongs_to :employer
has_many :applicants
has_many :favorites
has_many :users, :through => :applicants
end
For lack of a better answer, here's my idea:
--
User
Your user model should be structured as such (I just highlighted foreign keys, which I imagine you'd have anyway):
#app/models/user.rb
Class User < ActiveRecord::Base
has_many :applicants
has_many :gigs, :through => :applicants, foreign_key: "candidate_id"
has_many :favorites, foreign_key: "candidate_id"
end
This means you'll be able to call:
current_candidate.favorites
current_candidate.applicants
This will remove the need for your #applications and #favorites queries
--
Favorite
You basically want to return a boolean of whether applicant is part of the favorite model or not. In essence, for each favorite the candidate has made, you'll be able to check if it's got an application
I would do this by setting an instance method on your favorites method using an ActiveRecord Association Extension, like so:
#app/models/user.rb
Class User < ActiveRecord::Base
has_many :favorites do
def applied?
self.applicant.exists? proxy_association.owner.gig.id
end
end
end
This will allow you to call:
<%= for favorite in current_candidate.favorites do %>
<%= if favorite.applied? %>
<% end %>
This is untested & highly speculative. I hope it gives you some ideas, though!
I'm working on an engine where any model can have a has_many association with Permit as Permissible:
class Permit < ActiveRecord::Base
belongs_to :permissible, polymorphic: true
end
module Permissible
def self.included(base)
base.class_eval do
has_many :permits, as: :permissible
end
end
class Group < ActiveRecord::Base
include Permissible
end
class GroupAllocation < ActiveRecord::Base
belongs_to :person
belongs_to :group
end
class Person < ActiveRecord::Base
include Permissible
has_many :group_allocations
has_many :groups, through: :group_allocations
end
class User < ActiveRecord::Base
belongs_to :person
end
So, Group has_many :permits and Person has_many :permits. What I am trying to do is dynamically create associations on User that uses the permits association as a source, and chain associations on other models down to User by doing the same. This can be done manually (in rails 3.1+) with:
class Person
has_many :group_permits, through: :person, source: :permits
end
class User
has_many :person_permits, through: :person, source: :permits, class_name: Permit
has_many :person_group_permits, through: :person, source: :group_permits, class_name: Permit
end
However, in practice, Permissible will be included on many models, so I'm trying to write a class method on User (actually within another module, but no need to confuse things more) that can traverse User.reflect_on_all_associations and create an array of new associations, which may be many associations deep each.
Looking for input on how to do this cleanly in rails 3.2.8.
Here is how I did it (implementation code varies slightly from the details given in the question):
module Authorisable
def self.included(base)
base.class_eval do
base.extend ClassMethods
end
end
module ClassMethods
class PermissionAssociationBuilder
def build_permissions_associations(klass)
chains = build_chains_from(klass)
chains.select! {|c| c.last.klass.included_modules.include? DistributedAuthorisation::Permissible}
permissions_associations = []
chains.each do |chain|
source_name = :permissions
chain.reverse.each do |r|
assoc_name = :"#{r.name}_#{source_name}"
r.active_record.has_many assoc_name, through: r.name.to_sym, source: source_name, class_name: DistributedAuthorisation::Permission
source_name = assoc_name
end
permissions_associations << source_name
end
return permissions_associations
end
private
def build_chains_from(klass)
chains = reflections_to_follow(klass).map {|r| [r]}
chains.each do |chain|
models = chain.map {|r| r.klass}.unshift klass
reflections_to_follow(models.last).each do |r|
chains << (chain.clone << r) unless models.include? r.klass
end
end
end
def reflections_to_follow(klass)
refs = klass.reflect_on_all_associations
refs.reject {|r| r.options[:polymorphic] or r.is_a? ActiveRecord::Reflection::ThroughReflection}
end
end
def permissions_associations
#permissions_associations ||= PermissionAssociationBuilder.new.build_permissions_associations(self)
end
end
Probably not the most efficient method, but it adds the chains I'm after with Klass.permissions_associations, and stores their symbols in class instance variable.
I'd be happy to hear suggestions on how to improve it.