I'm developing and application with ruby on rails . i have the following models : user, role, option, permission. Depending on the Role of an User i want the menu of the application to display certain options. So an USER has one ROLE, one ROLE has one or many OPTIONS (availables in the menu),one OPTION can be assigned to many Roles . that's why i created a join table called PERMISSION which has rol_id , option_id and status.
SO, in the app, i want to be able to create a new role and check from a list the options this Role can have. But i don't know how to do a form that let me handle all this information and assign the role_id and the option_id the join table needs.
"Best" Solution:
Code it yourself, you should definitely become more familiar with ActiveRecord and be comfortable utilizing relationship tables and the roles one may have, along with writing helper functions like "is_an_admin?" or "is_a_moderator?"
You should also be comfortable with the routes and controllers for adding new users and checking permissions for can POST / UPDATE / PATCH / DELETE entries on your roles database.
Some db like "roles" where you store a user_id and role_level (1 is super_admin, 2 admin, or 3 moderator etc etc) and a user "has_one :role" association?
So my honest recommendation would be to learn it properly, here's some resources:
CULTTT Implementing Roles and Permissions
Association Basics
Easiest Solution
Use a gem, some options:
rolify (https://github.com/RolifyCommunity/rolify)
CanCanCan (https://github.com/CanCanCommunity/cancancan)
Pundit (https://github.com/elabs/pundit)
Related
For the Rolify gem in Rails in order to add a role to a user you can do:
user = User.find(1)
user.add_role :admin
But I have a large database of already existing users with no roles. How do I add a role to multiple users with a single command?
I tried the snippet below but it errored:
users = User.where(email:['email1','email2'])
users.addrole :admin
Does anyone know how to do this? Or do I need to create a script that cycles through the users automatically and assigns a role one by one?
Rolify is mostly just a quick and dirty role system, and it currently doesn't provide this feature.
You'll have to write a bulk insert/upsert query of your own into the database tables that Rolify persists data, e.g. (roles and users_roles for a users table).
How do I create a migration file which will create a user with the role of "admin"? I've written the following:
rails g migration User
How can I give a role of "admin" to this user?
Migrations may serve two functions:
The manipulation of structure in your database
The manipulation of data in your database
Generally speaking it is best practice to use them for the first, and to try to avoid the second (which may cause issues to an upgrade path down the line).
Your question is unclear regarding whether you're asking to create a User table with a column representing administrative privileges, or if you're trying to add an administrative user to an existing Users table.
If you are trying to create a User table, you will want to do the following:
rails g model users is_administrator:boolean other_column:type
Something along these lines will generate a migration (and matching model) allowing Users to be created, with a column containing what could be treated as administrative privileges.
On the other hand, if you already have a Users table, and are trying to add the ability to distinguish administrators from non-administrators, you would be better suited by something like this:
rails g migration add_is_administrator_to_users is_administrator:boolean
Finally, if you are asking how to add a User to the table Users which already exists and contains the column "is_administrator", I would encourage you to add the following line to db/seeds.rb:
User.create( is_administrator: true, other_column: 'other value' )
And then run the following line in the console
rake db:seed
If this doesn't make sense, I would encourage you to read up in Active Record Migrations, or (in the case that you choose to leverage the third method) Active Record Seeds.
You can have users and admin in same table and add one more column called "role" which will be boolean, which will decide if the current user is admin or not
rails g migration user role:boolean name
if role is false than it is not an admin.
I've created 2 tables, one for users and one for admins.
I created 2 tables as they both collect different information, but I want to be able to allow a sign in using an email address and password from both the admin and user tables via the same form.
Is this possible? I've looked around and people seem to have created 1 users table and added an admin boolean, but I wanted to avoid this and I didn't want to collect unnecessary data if I didn't need to.
Any help and assistance about how to best go around this would be great.
If you are implementing something from scratch, then it is simply a matter of coding it. I think this approach has some inherent flaws and I would avoid it.
If you want to have some segregation on the model side of things, I suggest you use STI. That way there is some shared behaviour/attributes and the distinctions can be coded separately, so you have your protection.
If you have plenty of distinct attributes, I would suggest separating them from your user/admin and creating an "admin_profile" model that belongs_to :admin and a "user_profile" that belongs_to :user.
And to make coding "transparent", you can create accessors in your admin model class to get/set the profile attributes seamlessly. Say you have an is_cool attribute on the admin_profile model, but you'd like to access it as
imadmin.is_cool
You can have in your admin.rb model
has_one :admin_profile
def is_cool
self.admin_profile.is_cool
end
be careful cause the has_one relationship may return nil if there is no profile associated with the admin/user.
I have installed Devise and created Users and also Admins using Option 1 from this tutorial https://github.com/plataformatec/devise/wiki/How-To:-Add-an-Admin-role
Now I need a little help. When adding the Admins it creates a different table, and the potential arises that the admins and regular users could have the same ID's.
So how exactly do I got about grabbing information from users and admins? Say for example I want to display all users? Do I have to traverse the users table and then the admins table?
Or if I am displaying a post. How will I know which table to look for to get the user or admin info?
I know I can just add a role column to the users table but I wanted to avoid this.
I hope this makes sense haha
I highly recommend using the Single Table Inheritance (STI). You could do the STI by adding a column named type with a string datatype in the users table and create an admin model as well as a normal_user model both models will inherit from the user model of the devise gem.
class NormalUser < User
end
class Admin < User
end
The type column is a reserved word which will hold a value either NormalUser or Admin according to the user type you created.
To create an admin use Admin.create(...) and to create a normal user use NormalUser.create(...) where the dots are the attributes of the Admin and the NormalUser
I'm creating a Rails app for students and high schools and I'm having some trouble with my User.rb.
I want to have a user model to be used for logging in, but having that user have many roles. The tricky part is that I want users that have a student role to have_one student page, and those that have a role of principal to have_one high_school page.
The students and also nested in the high_school so the entire thing becomes a big mess.
So my question(s): How do I limit a user to only creating one student / high school to represent them? Also how would I nest this student pages inside the highschool without screwing up the user system?
My environment: Rails3 and Ruby 1.9.2dev
Thank you!
Follow up: Would it be possible to put the name of the high_school in the subdomain? That would make the url look like
highschoolname.mysite.com/students/eric-koslow
I'd suggest polymorphic association to user_representations. It'd hold info about which high_school object or which student_page to associate the appropriate user to.
You can made a validation to avoid the multi-creation.