We are using rails_admin plug in to manage back end for a classroom. There is an admin(Coordinator) and several moderators(Teaching assistants). The admin and moderators should be able to add students to the database. Each student is associated with a moderator(TA). When a moderator clicks to view the students the rails_admin renders all the students in the database. How can we restrict rails_admin to show only those students whose TA is the moderator who is logged in? Admin should be able to see all the students in the database.
Rails_admin has this capability built in. You've got a couple of options as per their wiki page:
Editing the config/initializers/rails_admin.rb configuration file as per this section
Or my personal preference, using CanCan or CanCanCan as per this section
Happy to help if you run in to more specific issues.
Good luck!
Edit: Bonus link for CanCan & rails_admin, again on their wiki
Related
i was thinking to create a webapp for my college in which students can upload there assignments and teachers can have a check on them and give marks. i have used devise gem to make students authentication. now i decide to use activeadmin and give the ability of creating teachers account to only admin. how is it possible. or is there any other option for it to be done...
my plan is to give the ability of creating teachers account only to a single admin and grant teachers the ability to access the assignments uploaded by students. help in creating the webapp please!!!
To explain it in a sentence, I am asking if it is possible to use the ActiveAdmin gem to create admin pages specific to admin users, i.e. each admin user only gets to see models and associating models specific to him. If so, how would I implement this?
To further explain my situation, I have a model called Sponsor(who would essentially be the admin users), and they put up different offers(another model that belongs to Sponsor) for users to redeem. So what I am trying to do is create an admin page where each sponsor gets his own admin credentials, and the admin page only shows the information that relates to this sponsor, i.e. the information regarding the offers this sponsor put up, and all relating models and its details. Is this possible to implement using the ActiveAdmin gem or any other gems for that matter?
I would rather not implement this from scratch if there are gems out there that I could use. Any suggestions?
I haven't tried this myself but it should be easily achievable in ActiveAdmin
either by changing the default scope on per controller basis or by using AuthorizationAdapter.
We are trying to create different groups of users with restricted database
functionality using the railsAdmin plugin in Rails. Specifically, there is a
table in the database that indexes all personnel. We want to create two
levels of user accounts. "Admins" have access to all personnel. "Moderators"
have access to a subset of personnel only. Further, moderators should be
able to add personnel to the database, but they should be visible only to
that moderator and the admins. As an example, if user A is a moderator and
adds a person named "Dave,", we don't want Dave to be visible in the
dashboard for other moderators (e.g., B, C, etc). Similarly, if moderator B
adds a person, s/he should be visible only to moderator B. We are having
difficulty determining where in the code this type of functionality should
be added. Any pointers would be appreciated. Thank you.
Have you considered using CanCan with rails_admin?
There is a pretty good guide on authorisation using CanCan with rails_admin on their wiki:
https://github.com/sferik/rails_admin/wiki/Cancan
p.s. you might prefer to use CanCanCan which is more actively maintained
for a university project i have to create a small ruby on rails application, in Netbeans, which allows staff of the university to maintain their absence records.
The sample logins available in books have been regarding a singular user table. My application will require 3 types of users staff (who are assigned to a manager), manager and admin (to create/edit/delete all employees). Thus the login will have to bring up a particular users home page, in steps my confusion.
My table structure at the moment has the field user_id in both the manager and staff table which has a 'has_one' relationship with ID of the users table which simply contains the fields user_id, user_name password and user_type.
I can't get any adapted sample code for logins to work with this multi user application, any insights or ideas on tutorials available similar to this?
Cheers.
P.S. I have the full spec available if any other further information is required.
I couldn't tell from your question if you already have authentication working.
But, I've set up similar systems using the devise and cancan gems.
With devise, you just need to specify the root path in config/routes.rb and your user will be redirected there upon signin. For example you could have a route like this:
namespace :user do
match 'dashboard' => 'dashboard#index', :as => :root
end
Then, in dashboard#index, you could provide profile-specific actions. Also, a good way to manage user roles would be to put a role column on the users table and use the cancan gem.
Check out this railscast on the subject http://railscasts.com/episodes/192-authorization-with-cancan... So you could assign someone to the admin role, and using cancan's simple DSL they could create/edit/delete all employees.
A lot of the rails authorization gems in rails is based on the idea of roles. We have a website that does not have "roles" but rather many users. Each user needs access to changed/update information on a single page rather than on lots of pages in a role of author. The page that they are editing is public accessible (view) but only editable by that user or the admin. No other user can edit that page.
Creating a role per user for this is silly.
Are there any rails gems already available that will allow this sort of mapping to users that do not have a particular grouping in a role?
Am I looking at the problem incorrectly?
Thanks.
You can use CanCan, and limit the queries / actions per user. Check it here https://github.com/ryanb/cancan . And there's an example of how to do this in Railscast 192.
I have the idea that I've seen an example in which CanCan added a mixin active record to provide some out of the box authorization, but I can't find an example of that. It the code looked like (it the app would be a blog with comments) Comment.authorize.find(1) and that command validated that the user had created the comment.
Role based permission systems are old hat,
Mysql changed from a roles based system to
a permissions based system a long time ago.
I have a plugin that is very similar to cancan
but it differs in a few small ways.Fat Model Auth