Authenticate rails_admin with admin attribute - ruby-on-rails

I want to be able to just let the users that have an admin attribute set to true to access rails_admin. So, if a user has the is_admin attribute to true, they can access the rails_admin interface.
I have checked their documentation and all I can find about authentication is here: https://github.com/sferik/rails_admin/wiki/Authentication
Please, could you help me to do so?
Thanks

From https://github.com/sferik/rails_admin/wiki/Authorization
config.authorize_with do
redirect_to main_app.root_path unless current_user.is_admin?
end

The documentation already explains, what you have to do:
In your rails_admin.rb initializer:
config.authenticate_with do
warden.authenticate! :scope => :admin
end
config.current_user_method { current_admin } # hook to your 'current_user' method
And in your User Model you generate the current_admin method:
def current_admin
current_user && current_user.is_admin
end
I think this should work.

Related

rails_admin with devise and single admin user

I'm using Rails 5, rails_admin and devise with the standard devise user model setup:
config.authenticate_with do
warden.authenticate! scope: :user
end
config.current_user_method(&:current_user)
I would like a single user to be able to access the /admin area. Without having to create a new "isAdmin" attribute in the User model, is it possible to simply tell rails_admin that user.id=1 is the only user that can access the /admin area?
This worked for me. In rails_admin.rb, I removed the devise configuration and simply checked for current_user.id to equal 1.
config.authorize_with do
if user_signed_in?
redirect_to main_app.root_path unless current_user.id == 1
else
redirect_to main_app.root_path
end
end
This is simple and does not give away there is an /admin area unless you are the current signed in user and your id == 1

NoMethodError in RailsAdmin::MainController#dashboard undefined method `is_admin?' for #<User:0x007fc87c140c48> Did you mean? is_haml?

Currently I'm using devise and rails_admin on Rails 5.0.0.1, when I open admin panel this error is showing up.
After I added below lines in rails_admin.rb file for authorization, above error arises
config.authorize_with do
redirect_to main_app.root_path unless current_user.is_admin?
end
The error states that is_admin? method is not defined for a user instance. I assume you have an admin attribute in your model. You can either define the method in the model like
class User < ActiveRecord::Base
def is_admin?
self.admin #returns a boolean
end
...
end
Or replace the block with
config.authorize_with do
redirect_to main_app.root_path unless current_user.admin
end
current_user.admin will return a boolean value based on the field admin in the users table.
Hope this helps!
I was experiencing the same issue and was able to find a solution.
Add this to rails_admin.rb:
config.authorize_with do
redirect_to main_app.root_path unless current_user.admin?
end
if you are working with devise add it underneath the devise section like so:
RailsAdmin.config do |config|
### Popular gems integration
## == Devise ==
config.authenticate_with do
warden.authenticate! scope: :user
end
config.current_user_method(&:current_user)
config.authorize_with do
redirect_to main_app.root_path unless current_user.admin?
end

Rails: NoMethodError in RailsAdmin::MainController#dashboard

I was setting up authorization using the code below and got an error. I'm using devise
undefined method `is_admin?' for #<User:0x007f803734ba48>
I've already setup the admin user in the console but I'm having issues testing out users trying to log in.
RailsAdmin.config do |config|
config.authorize_with do
redirect_to main_app.root_path unless warden.user.is_admin?
end
end
https://github.com/sferik/rails_admin/wiki/Authorization
This worked for me:
Include a boolean field in your users table and name it admin
Then use this:
RailsAdmin.config do |config|
config.authenticate_with do
warden.authenticate! scope: :user
end
config.current_user_method(&:current_user)
config.authorize_with do
redirect_to main_app.root_path unless current_user.admin == true
end
end
Are you using Warden? On the same page I've found some custom authorization. Have you tried that?

Identifying the user after sign out for after_sign_out_path_for method in Devise

For after sign in path, you can do the following:
def after_sign_in_path_for(resource)
if resource.class == User
if resource.sign_in_count < 2
'/dashboard'
else
'/dashboard/home'
end
elsif resource.class == AdminUser
I18n.locale = "en"
'/admin/dashboard'
else
I18n.locale = "en"
'/'
end
end
But, how can I check if my user is a User or an AdminUser after sign_out?
def after_sign_out_path_for(resource_or_scope)
if resource_or_scope == AdminUser
This does not work. Is there any way to check it?
Note: Although I have done a monkey patch and defined new root for admin and my problem is solved, but I want to know if there is any way to implement using after_sign_out_path_for method of Devise?
Devise gives you the current_user after you sign in which is the logged in user. There is nothing like whether the user is admin or the general user.
So its not that you can use for.
You can use other ways to get what you want.
The one is Cancan which works well with Devise, you can define user roles.
With Cancan, you can define a column in your users table, say role, with values for each user like admin or general user. So then there will be Ability.rb file for Cancan and there you can define your logic.
You can use conditions -
if user.role? :admin
#admin related logic
elsif user.role? :general
#general user related logic
end
This will work here.
def after_sign_out_path_for(resource_or_scope)
if resource_or_scope == :user
redirect_to ... # users path
elsif resource_or_scope == :admin
redirect_to .... # admins path
end
end
Devise will call the method after_sign_out_path_for with the symbol of the class name as the parameter, hence we can check the condition based on that symbol.
In your user model you could do something like this if you have a column for specifying the user role.
def admin?
role == "admin"
end
then all you do is
def after_sign_out_path_for(user)
if user.admin?

Update Attributes After Sign In Devise

I am using devise in a Rails 3 app.
I would like to update some attributes of a User on a successful sign in.
I am doing it the following way:
I added following code to application_controller.rb
def after_sign_in_path_for(user)
#user = current_user
#user.status = "online"
#user.save
root_path
end
Is it possible to have a different method for doing this and not using the method that is used for defining the after_sign_in_path ?
Thanks in advance!
You can do this with hooks to warden.
##config/initializers/devise.rb
Warden::Manager.after_authentication do |user,auth,opts|
user.update_attribute(:currently_signed_in, true)
end
Warden::Manager.before_logout do |user,auth,opts|
user.update_attribute(:currently_signed_in, false)
end

Resources