Rails 4 Authentication model with roles - ruby-on-rails

I am a beginner in the Rails world, so I'm hoping I will be able to find an answer here.
The project that I am working on has to have user authorization with roles, for simple users and for admins. With admin privileges I want to be able to reset passwords for simple users or to add roles for them.
I was trying to apply the Devise and cancancan gems together, but unfortunately couldn't make it work, and I am not sure if that is even possible. So my question is: which gems would you recommend to get such behavior? Or is it simpler to start from scratch?
Thank you for your answers.

It sounds like you would benefit from the Rolify Gem: https://github.com/RolifyCommunity/rolify. I'm pretty sure CanCan is for access control based on roles. I'm guessing you have seen this RailsCast: http://railscasts.com/episodes/192-authorization-with-cancan but it seems like the piece you are missing is Rolify. It's a great gem and extremely easy to use.

I have used Pundit with Devise
This is the repo to the application
Add the gem and bundle. Run rails g pundit:install
It will generate a policies folder with an application_policy.rb file. There you can define conditions for actions. Say you want to make sure the user's role is admin to see the application index:

    def index?
      user.role == "admin"
    end

If you want to create a policy for a different resource, say Posts, you have to create a post_policy.rb file in the policies folder.
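
The policy-per-resource idea from the answer above, applied to the asker's case (admins reset passwords and assign roles for simple users). This is an added example, not part of the original answer; it is plain Ruby written in the Pundit style so it runs without Rails, and `User`, the role strings, `reset_password?`, `authorize!` and `filter_params` are assumed names.

```ruby
# Pundit-style policies in plain Ruby (no Rails or gem needed to run this).
# User, the role strings and reset_password? are assumptions for illustration.
User = Struct.new(:id, :role) do
  def admin?
    role == "admin"
  end
end

class NotAuthorizedError < StandardError; end

class ApplicationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    # Reject a missing current user up front so no rule runs for a guest.
    raise NotAuthorizedError, "must be logged in" if user.nil?
    @user = user
    @record = record
  end

  # Deny by default: a subclass must opt in to each action it allows.
  def index?; false; end
  def update?; false; end
end

class UserPolicy < ApplicationPolicy
  def index?; user.admin?; end
  # Users edit their own record; admins edit anyone's.
  def update?; user.admin? || record.id == user.id; end
  # Admins reset passwords for simple users only.
  def reset_password?; user.admin? && !record.admin?; end

  # Only admins may submit :role, so a simple user cannot promote
  # themselves by adding role=admin to the profile form.
  def permitted_attributes
    user.admin? ? [:email, :role] : [:email]
  end
end

# Stand-in for Pundit's controller helper: raise unless the query passes.
def authorize!(user, record, query)
  raise NotAuthorizedError, "#{query} denied" unless UserPolicy.new(user, record).public_send(query)
  record
end

# Drop every submitted attribute the policy does not permit.
def filter_params(user, record, params)
  params.slice(*UserPolicy.new(user, record).permitted_attributes)
end
```

In a real Rails app the same `UserPolicy` would inherit from the generated `ApplicationPolicy`, and the controller would call Pundit's own `authorize` and `permitted_attributes` helpers instead of the two stand-ins.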

Related

Create a group model for users in rails

I built a web app in Rails where I have articles about different subjects, like a blog basically. Now I want to add a group model on my users so that I can show some articles only to those that belong to a certain group. I use Devise to handle my users today. They have an email and a password as login.
I've been looking everywhere for a gem that I could use, and I have searched Google and Stack Overflow, but I haven't found anything except Groupify that resembles what I'm looking for, and that is poorly documented :(
So first of all.. are there any gems out there that could help me with this? If not, does anyone have a good way to sort this?
I'm using Rails 4 for my app and Postgres as my database. I use the latest Devise.
I want to point out that I'm pretty new at Rails.
Maybe the cancan gem can help you:
https://github.com/ryanb/cancan
and
http://railscasts.com/episodes?utf8=%E2%9C%93&search=cancan
It sounds like the "groups" you are describing could be thought of as roles the users can have and you'd like to restrict authorization based on which roles they have.
If that's the case, you can take a look at the rolify gem: https://github.com/EppO/rolify
If that's not the case or that's overkill for what you are doing, I would probably not worry too much about finding a gem and instead just make a Group model that does what you want.

Ruby on rails admin actions

I'm learning Rails 4 and I'm looking to build in some basic admin functionality such as creating and viewing users. I can think of a few ways to do it manually, (such as creating a new controller or adding filters) but I'm pretty sure there's a "Rails Way" to do this easily. I've been digging through the docs and I see references to "built in authentication" that support my hunch, but I can't find the actual documentation.
For example, in CakePHP you can just prefix actions with admin_ and /admin/controller/action will work automatically. Is there a similar convention for Rails? If so, where can I find it?
Update:
As I continue to research this, I start to get the impression that admin authorization in Rails is commonly not handled by the Rails core, but rather in a gem like cancan. Perhaps this is why I was striking out by searching the Rails docs.
Update2:
This question wasn't intended to be a round-up of authorization gems, but since it appears gems are the typical way to handle even basic admin authorization, I'd like to find the simplest, most basic (and hopefully universal) option. A couple options have been proposed below which come bundled with default dashboard views and elaborate configurations. I don't need all that. Just a simple, reliable strategy for dividing users into admins and non-admins with different scopes of allowed actions.
Check out the awesome rails_admin gem. It automatically generates just about everything you could need. Very handy and awesome project. https://github.com/sferik/rails_admin
Authentication is handled via the devise gem and authorization via cancan.
It's no replacement for custom admin functionality if you have very specific requirements, but it's great for general admin tasks you described.

Rails User or Group Pages Gem

I'm looking for a rails gem that allows my users (and or groups) the ability to create "pages".
I want it similar (if not nearly exactly) like pages.github.com, which I believe uses a library called Jekyll.
I've looked into this briefly, but I haven't been able to find any more... complete solutions.
Does anyone know of a solution that does what I'm looking for? I'd like to configure it for my models Group and User.
Thanks!
I don't know about Jekyll, but its website says it "is a blog-aware, static site generator in Ruby", and I don't think that's the case.
A solution is to store the pages created by the users in the database; you can use Textile and/or RedCloth (instead of pure HTML).
There is a nice RailsCast on how to create semi-static pages; I am sure you can get some good ideas:
http://railscasts.com/episodes/117-semi-static-pages
I hope this helps you.
You should get the listed Gems
Devise + CanCan + Rolify
Use Devise to authenticate your users.
Use CanCan to authorize your users' roles.
Use Rolify to create the roles on your users that cancan checks.
Then just make a generic page model where the ability checks the roles to see if a user can read, update, create or destroy.

Rails: Roles/admin

Preface
I'm new to rails & programming. Working on my first rails app--I have authentication with omniauth and devise and a simple article submission working for users.
I want to do two things:
If a user isn't a specific role, reroute them to another page.
If a preference is 'offline', only allow admins to view the site.
I have yet to create a preferences table--looking for suggestions. :)
What's the best way to set up simple roles?
What's the easiest way to redirect users if they're not admin and if the site is 'offline'?
I'm currently using CanCan for role-based authorization on my current project. I've found it works great including the ability to do both of what you're looking for. And the documentation! Oh, the documentation. If all gem authors wrote documentation like CanCan's, I do believe it would bring about world peace.
And as an added bonus, because it was written by Ryan Bates, it has a RailsCast already recorded for it.

Authentication with Ruby on Rails & Devise

I am about to build a new site in ruby on rails for residents at my college.
The site will allow residents to change their passwords for the college-firewalls (which means there are certain requirements).
On the site, each resident will have an account with a number of data assigned to it, and for this I need some authentication.
I've been studying Devise for almost the entire day now, but I'm starting to wonder if my task is too complicated to complete with Devise.
Problem is, I need the passwords to be stored with DES-encryption, something I'm not sure if Devise can handle.
Another thing is, users can't make their own profile. Admins will do that (to ensure correct data), which means that user-creation is not the default one. Since there are no controllers for this, is it even possible to do it that way?
I'm not sure if I should keep on going with Devise, or bite the bullet and write it all from scratch instead. Some opinions would be appreciated.
This page on the Devise wiki ( https://github.com/plataformatec/devise/wiki/How-To:-Create-a-custom-encryptor ) tells you how to set up a custom encryptor.
To make it so that admins create a user, remove the :registerable module from the User model. Then add a user resource to your app, example:

    scope 'admin' do
      resources :users
    end

Set up the new/edit pages with your profile fields, etc., normal rails programming.
For an example using CanCan to control access to the users resource, have a look at this post: http://zyphmartin.com/blog/manage-users-with-devise-and-cancan.
If devise does not exactly do what you need, maybe this recent webcast from Ryan Bates will help you.
