Rails User or Group Pages Gem - ruby-on-rails

I'm looking for a rails gem that allows my users (and or groups) the ability to create "pages".
I want it similar (if not nearly exactly) like pages.github.com, which I believe uses a library called Jekyll.
I've looked into this briefly, but I haven't been able to find any more... complete solutions.
Does anyone know of a solution that does what I'm looking for? I'd like to configure it for my models Group and User.
Thanks!

I don't about Jekyll, but his website says "is a blog-aware, static site generator in Ruby", and I don't think that's the case.
A solution is to store the pages created by the users to the Database, you can use Textile and/or RedCloth (instead of pure HTML).
There is a nice railscast how to create semi-static pages, I am sure you can get some good ideas:
http://railscasts.com/episodes/117-semi-static-pages
I hope this help you.

You should get the listed Gems
Devise + CanCan + Rolify
Use Devies to authenticate your users.
Use CanCan to authorize your users Roles.
Use Rolify to create the roles on your users that cancan checks.
Then just make a generic page model where the ability checks the roles to see if a user can read, update, create or destroy.

Related

Rails 4 Authentication model with roles

I am beginner in Rails world, so hoping I will be able to find an answer here.
The project that I am working on, has to have User Authorization with roles, for simple users and for admins. With admin privileges I want to be able reset password for simple users or to add roles for them.
I was trying to apply Devise with cancancan gems, but unfortunately, couldn't make it work and I am not sure if that is even possible. So my question is which gems would you recommend to have such behavior. Or it's simpler to start from scratch?
Thank you for your answers.
It sounds like you would benefit from the Rolify Gem: https://github.com/RolifyCommunity/rolify. I'm pretty sure CanCan is for access control based on roles. I'm guessing you have seen this RailsCast: http://railscasts.com/episodes/192-authorization-with-cancan but it seems like the piece you are missing is Rolify. It's a great gem and extremely easy to use.
I have used Pundit with Devise
This is the repo to the application
add the gem and bundle. run rails g pundit:install
It will generate a policies folder with application_policy.rb file. There you can define conditions to actions. Say you want to make sure the user's role is admin to see application index
def index?
user.role == "admin"
end
If you want to create a policy for a different resource say Posts. You have to create a post_policy.rb file in the policies folder

Create a group model for users in rails

I built a web app in Rails where i have articles about different subjects like a blog basically. Now I want to add a group model on my users so that I can show some articles for only those that belong to a certain group. I use devise to handle my users today. They have email and a password as login.
I've been looking everywhere for a gem that i could use and i have searched google and stackoverflow but i haven't found anything except Groupify that resemble what I'm looking for and that is poorly documented :(
So first of all.. are there any gems out there that could help me with this? If not, does anyone has a good way to sort this?
I'm using Rails 4 for my app and Postgres as my database. I use the latest Devise.
I want to point out that I'm pretty new at Rails.
Maybe the cancan gem can help you:
https://github.com/ryanb/cancan
and
http://railscasts.com/episodes?utf8=%E2%9C%93&search=cancan
It sounds like the "groups" you are describing could be thought of as roles the users can have and you'd like to restrict authorization based on which roles they have.
If that's the case, you can take a look at the rolify gem: https://github.com/EppO/rolify
If that's not the case or that's overkill for what you are doing, I would probably not worry too much about finding a gem and instead just make a Group model that does what you want.

Ruby on rails admin actions

I'm learning Rails 4 and I'm looking to build in some basic admin functionality such as creating and viewing users. I can think of a few ways to do it manually, (such as creating a new controller or adding filters) but I'm pretty sure there's a "Rails Way" to do this easily. I've been digging through the docs and I see references to "built in authentication" that support my hunch, but I can't find the actual documentation.
For example, in CakePHP you can just prefix actions with admin_ and /admin/controller/action will work automatically. Is there a similar convention for Rails? If so, where can I find it?
Update:
As I continue to research this, I start to get the impression that admin authorization in Rails is commonly not handled by the Rails core, but rather in a gem like cancan. Perhaps this is why I was striking out by searching the Rails docs.
Update2:
This question wasn't intended to be a round-up of authorization gems, but since it appears gems are the typical way to handle even basic admin authorization, I'd like to find the simplest, most basic (and hopefully universal) option. A couple options have been proposed below which come bundled with default dashboard views and elaborate configurations. I don't need all that. Just a simple, reliable strategy for dividing users into admins and non-admins with different scopes of allowed actions.
Check out the awesome rails_admin gem. It automatically generates just about everything you could need. Very handy and awesome project. https://github.com/sferik/rails_admin
Authentication is handled via the devise gem and authorization via cancan.
It's no replacement for custom admin functionality if you have very specific requirements, but it's great for general admin tasks you described.

Rails - allow people to add association between records, but only allow admins to remove it

I have an app with the following models: People, Projects, ProjectsAdminLists.
There's is a HABTM association between people and projects. Each project has one ProjectAdminsList and each one of those can have many people.
People belonging to each Project can add other people to it, but I want to restrict the removal of this association to those belonging to ProjectAdminsList. Restricting that in the views is straightforward, but what would be the best way to do it in the controller? I'm looking for general guidance on this.
You need some kind of authorization system, I suggest you to have a look at the CanCan gem written by Ryan Bates (the RailsCasts guy), you can start watching at the Authorization with CanCan RailsCast and then look at the really good documentation.
Here an overview:
It just needs a current_user method to determine the current logged user
You write the authorization rules in a single file (ability.rb)
You use the can? method in the view layer to check if a user can do some operation on something
You call load_and_authorize_resource in the controlle to make CanCan automatically check the authorization based on the ability.rb file.
Of course I've just scratched the surface, as said the documentation is really good.

Rails: Roles/admin

Prefface
I'm new to rails & programming. Working on my first rails app--I have authentication with omniauth and devise and a simple article submission working for users.
I want to do two things:
If a user isn't a specific role,
reroute them to another page.
If a preference is 'offline' only
allow admins to view the site.
I have yet to create a prefferences table--looking for suggestions. :)
What's the best way to set up simple roles?
What's the easiest way to redirect users if they're not admin and if the site is 'offline'?
I'm currently using CanCan for role-based authorization on my current project. I've found it works great including the ability to do both of what you're looking for. And the documentation! Oh, the documentation. If all gem authors wrote documentation like CanCan's, I do believe it would bring about world peace.
And as an added bonus, because it was written by Ryan Bates, it has a RailsCast already recorded for it.

Resources