I am new to rails and am wanting to make a training scheduling app. I need a user management system and am sure one exists as a gem but I cannot seem to find one with all of these needed features.
Multiple access levels (User, Trainer, Manager, Admin)
No user signup (Trainer, Manager, Admin will create accounts and the information will be emailed to users)
User groups (User, Trainer, Manager) belong to groups and can only manage users in those groups. Admin can manage anyone in any group.
Users can change details on their account and change their passwords.
Admins can determine how users will login (custom field, username, email)
Can use a mysql database
Is there any current gems out there with all this functionality or will a custom one need to be created?
You're combining two concepts here, user authentication and role-based access control. Consider using devise for authentication as it's quite configurable (you can disable the sign_up route and only allow sign_in, for example), and something like cancan for rbac.
Also, do you really need to allow admins to determine how users will login? Consider just settling on one method to start with, and adding this functionality later if it's a real priority.
Related
I'm building a website, where vendors can have their own separate website on. There is vendors and normal users.
The goal is to have a closed profile page w. login for both, where a vendor can edit his website, check out stats and more. A normal user is also able to login to mark different vendor's websites as favourites and check out newest post on the forum. So what is important here is: They booth need to be on my Discourse forum, but I'd like to avoid a Vendor to have a login both for vendor and for a user (Signing up twice).
http://www.discourse.org/ has SSO ability for devise, but im not sure if it allows for two different devise models.
Should I:
Create one devise-model for both, called Users? (And have a boolean or integer if User is a vendor/has vendor-access?)
Or:
Separate them: One for Users and one for Vendors?
I haven't tested out if Discourse allows for two devise-models, since Discourse is the easiest to set up in production-mode. But I need your advice: Can I use Single sign-on for devise with two different devise models? Is it the preferable way? Or is there other ways than this I haven't noticed? Like adding a user to a vendor, or something?
Using rails 5
We can achieve this by managing role field. We can make entry on the time of sign_up in role field that user is normal user or vendor. After create this we check user_role can in after_sign_up_path and redirect to path accordingly.
for this refer gem rolify
please correct me if getting any thing wrong.
So, when we create a Mean.js app using the yo generator, there's a User module by default, that manages authentication, sign up, sign in, profile settings, etc.
We also have the option to add roles to the users in the users model, admin and user roles are set by default.
Users can self register to the app by default, now let's say I want to use the admin user to do CRUD ops on Users (create, read, update, delete new users, and make queries such as list users) and disable the sign up option for common users so only the admin can register new users.
I thought about two options:
create a CRUD module with yeoman (but this would cause trouble with the existing User module, that manages all this auth stuff)
do everything from scratch, like adding all the controlers, routes, and all the stuff needed (but this would take a lot of time and it could create lots of bugs cause I may forget something)
What would you suggest?
Mean.js 0.4.0 is the most recent version and it will have an admin module incorporated in a near future. I implemented one in my app similar to the one in this pull request. Take a look and see if it works for you.
I am creating dashboard appliaction on Rails4. I have created model Partner with some data. I also have created a lot of models with views that will be associated to this Partner.
I can edit data of all models without any restrictions. Now I want to create Admin, that will login to my app and will manage data. Admins will be added via console and it does not need registration.
Also I want to make Partners to login/register too. Partners can only open pages that are connected to their data and edit them.
Here my questions depending on this situation:
How to remove registration element from Admins not affecting to Partners?
How to restrict Partners to only their own pages while Admins can be everywhere?
Is it good approach to make Admins and Partners to edit data on same dashboard, or I need to create different controllers with different views for Admins and Partners separately?
You should be able to do everything you're discussing by using a gem for handling authorization ( authority ) and one for roles ( rolify )
https://github.com/nathanl/authority
https://github.com/RolifyCommunity/rolify
You shouldn't have to create distinct views/controllers, however, depending on how divergent they are it may be appropriate. You should be able to do most of that logic by using logic to switch based on the permissions you set up.
current_user.can_edit?(page)
within the Authorization setup, you would have to determine who can edit/view/create/etc. There's a good writeup for doing this in the authority wiki.
We are trying to create different groups of users with restricted database
functionality using the railsAdmin plugin in Rails. Specifically, there is a
table in the database that indexes all personnel. We want to create two
levels of user accounts. "Admins" have access to all personnel. "Moderators"
have access to a subset of personnel only. Further, moderators should be
able to add personnel to the database, but they should be visible only to
that moderator and the admins. As an example, if user A is a moderator and
adds a person named "Dave,", we don't want Dave to be visible in the
dashboard for other moderators (e.g., B, C, etc). Similarly, if moderator B
adds a person, s/he should be visible only to moderator B. We are having
difficulty determining where in the code this type of functionality should
be added. Any pointers would be appreciated. Thank you.
Have you considered using CanCan with rails_admin?
There is a pretty good guide on authorisation using CanCan with rails_admin on their wiki:
https://github.com/sferik/rails_admin/wiki/Cancan
p.s. you might prefer to use CanCanCan which is more actively maintained
I'm using devise for authentication on Rails 3.1. Users are to be registered by administrators on my site (it's a site internal to a school, unknown people should not register.) Each user is alloted a role (Eg, student, teacher, admin, resource_person) on registration, and this role is used for authorizing activities.
Now I don't want the user to be able to edit their role, hence it's not placed under attr_accessible. Because of this, I'll have to manually set the role from the parameters when registering a user. Is there any simple way to do this with devise, or must I create a custom controller that inherits from the devise registration controller?
Assuming you simply want to be able to manage users as an admin, I think the best way is to simply create a CRUD interface for your users model (https://github.com/plataformatec/devise/wiki/How-To:-Manage-users-through-a-CRUD-interface).
If you want users to be able to manage some of their model (e.g. password changing), simply authorize them according to their role.