While trying to add roles-based authentication (using CanCan and Devise) to my project, I found that there are two ways to save roles: the first one is the "Has and Belongs_to" way, and the second one is just saving the role in a new field in the users table.
So, the question is, how can I define a default user role in the first way, and which way should I choose to define a default role in the second one (setting the default role in a migration or editing Devise's user controller)?
Also, should I use this method or is it better to use a gem instead?
P.S. I've already read Tony Amoyal's tutorial but didn't find an answer there.
If I understood the question correctly, here is what worked for me: Ruby on rails, cancan and default role assignment
Simply add the following into /models/user.rb to assign default role on signup:
    after_create :default_role

    private

    # Assumes a Role named 'User' already exists (for example, seeded).
    def default_role
      self.roles << Role.where(:name => 'User').first
    end
This situation is described in the Rails AntiPatterns book: http://railsantipatterns.com/
The short answer is: use a field in the users table and set the default role using migrations. This way is much simpler. You should not use a complex solution just because it can possibly better suit your future needs.
You can do the following in user.rb:
    after_initialize :set_default_role

    private

    def set_default_role
      self.role ||= :user
    end
A very easy users role solution can be implemented using this gem: https://github.com/platform45/easy_roles
I'm making a Rails 6 application where I'm using Devise for authentication, Pundit for authorization and I added Active-Admin because I need a dashboard where admin users manage the content of the app.
Other than admin, I have a couple more roles: president, manager, guest. An admin can be president or manager.
I'm a little confused on what to use to implement the roles: with Devise? Pundit? Do I do it by hand?
Is it better to unite the User and the AdminUser model active-admin created? Because this way UserAdmin users can't log in to the application, only to the dashboard and that is not what I want.
I have seen tutorials where people add an admin:boolean column to the users, should I do something like that?
Is it better to unite the User and the AdminUser model active-admin created? Because this way UserAdmin users can't log in to the application, only to the dashboard and that is not what I want.
That depends more on your business logic. It may be a good idea to keep your users and admin_users tables separated; the users table will probably need to have a lot of associations with other tables that will not necessarily be needed by admin_users, right?
I'm a little confused on what to use to implement the roles: with Devise? Pundit? Do I do it by hand?
You may define a role column in your admin_users table, and use that column in pundit policies, for example:
    class ResourcePolicy
      # ...
      # ...
      # ...
      def update?
        user.admin? || user.president?
      end
    end
In AdminUser, you can do the following:

    class AdminUser < ActiveRecord::Base
      def admin?
        role == 'admin'
      end

      def president?
        role == 'president'
      end
    end
There are many other ways to implement that, and they all depend on what you need to achieve.
I am creating a website in Ruby and I would like to have the option to sign up as an admin or a user. I have created the sign-up system using Devise and I would like to be able to give different permissions to different users, i.e. Admins and Users. Thanks guys.
There's a comprehensive guide here.
Here's a post about using Devise and CanCan to accomplish what you are looking for.
You can add boolean fields admin and users into your User model. So while creating you can assign admin or user role.
This question is answered here:
how to define user roles
You can use Devise + CanCan and define roles like user and admin to separate the common user and the application admin.

    class User < ActiveRecord::Base
      has_many :roles

      # Named admin? so that it matches the call in the ability block below.
      # Assumes Role has a name column.
      def admin?
        roles.exists?(:name => 'admin')
      end
    end

    class Role < ActiveRecord::Base
    end

And then check it in CanCan's definition file like this:

    can :update, Model do |model|
      user.admin?
    end

This video gives you details about it: http://railscasts.com/episodes/192-authorization-with-cancan
I'm using Devise to handle my users and as part of my application each user has their own 'todo' list. I'm trying to create 5 items in a new list every time a new user is created (so they have some sample data).
What is the best way to do this? I've looked at migrations and seed.rb but these don't seem to meet my needs.
Any help would be really appreciated!
Cheers!
Use the :after_create hook.

    class User < ActiveRecord::Base
      after_create :populate_todo

      private

      def populate_todo
        # do your stuff here
      end
    end
I have a multi-tenant Rails app up and running.
Models that I want scoped to the current tenant (like this Article model here) inherit from the TenantScoped model like this:

    class Article < TenantScoped
    end

This works great. I only receive objects scoped to the current tenant.
But now I'm creating an admin interface where I want to be able to add articles to all tenants. But my admin interface is acting as a tenant and the models are being scoped to it.
Which ends with no entries being shown.
I am proposing that the best solution to this is to conditionally inherit from the tenant-scoped model like this:

    class Article
      unless SudoTenant.current?
        < TenantScoped
      else
        < ActiveRecord::Base
      end
    end

I've been searching around for conditional inheritance for Ruby classes and haven't found anything yet. Is my syntax wrong here, or is this even possible?
Thanks in advance
You can define the class using the block syntax:
    if SudoTenant.current?
      Article = Class.new(ActiveRecord::Base) do
        # your code
      end
    else
      Article = Class.new(TenantScoped) do
        # your code
      end
    end

I strongly recommend using mixins instead of conditionally inheriting; it's cleaner, clearer and more obvious.
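An added example, not part of the original posts, on why the conditional-superclass approach matters for tenant isolation: the condition is evaluated once, when the class is defined, so whichever mode was active at load time applies to every later request. The plain-Ruby sketch below (no Rails; `SudoTenant`, `BaseRecord` and the sample rows are hypothetical stand-ins) contrasts that with a model that is always tenant-scoped and decides the bypass on each call.

```ruby
# Added illustration; SudoTenant, BaseRecord and ROWS are constructed stand-ins.
module SudoTenant
  def self.current?
    Thread.current[:sudo_tenant] == true
  end

  # Run a block with the sudo flag set, then restore the previous value.
  def self.with(flag)
    previous = Thread.current[:sudo_tenant]
    Thread.current[:sudo_tenant] = flag
    yield
  ensure
    Thread.current[:sudo_tenant] = previous
  end
end

class BaseRecord; end                 # stands in for ActiveRecord::Base
class TenantScoped < BaseRecord; end  # stands in for the scoped base model

# Conditional superclass: the check runs once, here, at definition time.
LoadTimeArticle = SudoTenant.with(false) do
  SudoTenant.current? ? Class.new(BaseRecord) : Class.new(TenantScoped)
end

# Alternative: always tenant-scoped, bypass evaluated on every query.
class Article < TenantScoped
  ROWS = [{ tenant: "acme", title: "A" },
          { tenant: "globex", title: "B" }].freeze # constructed sample data

  def self.visible_to(tenant)
    return ROWS if SudoTenant.current?
    ROWS.select { |row| row[:tenant] == tenant }
  end
end

# Entering sudo mode later does not change the class chosen at load time.
def load_time_superclass_under_sudo
  SudoTenant.with(true) { LoadTimeArticle.superclass }
end

def titles(tenant, sudo:)
  SudoTenant.with(sudo) { Article.visible_to(tenant).map { |r| r[:title] } }
end
```

The reverse case is the dangerous one: a process that loads the class while sudo mode is active would serve unscoped records to ordinary tenants.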
Not exactly what you're asking, but I happen to be doing the same thing (global articles on a tenant app), and I just created a Tenant for Admin for using it in my global Articles.
I've got something like this:
    # article.rb
    def self.global
      unscoped.where(:company => Company.admin)
    end

    # company.rb
    def self.admin
      where(:name => 'admin').first # this can pretty much be anything that fits to you.
    end
I want to design a role-based system like Basecamp. A user can be an editor of a brand and also he can be a worker in another brand. I'm using Devise + CanCan. How can I design a database for this situation? Thanks.
I would recommend a role model. In this scenario a user would have_and_belong_to_many :roles while a role would have_and_belong_to_many :users. This creates a many to many relationship between roles and users. See this RailsGuide for more info on associations.
In your CanCan ability.rb file you can do something like this (I am just guessing at your setup):
    can :manage, Brand do |brand|
      user.has_role?("brand_manager") && user.brands.include?(brand)
    end
In your user.rb file it's helpful to write something like this:
    def has_role?(name)
      role = Role.find_by_name(name)
      # include? already returns true or false; an unknown role name yields false.
      roles.include?(role)
    end
Hope this helps.
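An added example, not part of the original answer: when a user holds different roles on different brands, a check that tests "has the role" and "belongs to the brand" separately lets a role earned on one brand apply to another. The plain-Ruby sketch below (no Rails; `Membership`, `ROLE_ABILITIES` and the sample rows are constructed for illustration) compares that shape with a check against a join row that carries user, brand and role together.

```ruby
# Added illustration in plain Ruby. Membership, ROLE_ABILITIES and all
# sample rows are constructed for this example.
Membership = Struct.new(:user, :brand, :role)

MEMBERSHIPS = [
  Membership.new("ana", "brand_a", "editor"),
  Membership.new("ana", "brand_b", "worker"),
  Membership.new("ben", "brand_b", "editor")
].freeze

# Actions each role grants; a role missing from this table grants nothing.
ROLE_ABILITIES = {
  "editor" => [:read, :update],
  "worker" => [:read]
}.freeze

# Global-role shape: "holds a role somewhere" and "belongs to the brand"
# are tested independently, so a role earned on one brand leaks to another.
def global_can?(user, action, brand)
  rows = MEMBERSHIPS.select { |m| m.user == user }
  holds_role = rows.any? { |m| ROLE_ABILITIES.fetch(m.role, []).include?(action) }
  holds_role && rows.any? { |m| m.brand == brand }
end

# Scoped shape: the role must be held on the brand being acted on.
def scoped_can?(user, action, brand)
  MEMBERSHIPS.any? do |m|
    m.user == user && m.brand == brand &&
      ROLE_ABILITIES.fetch(m.role, []).include?(action)
  end
end
```

In a Rails schema the scoped shape corresponds to a join table with user, brand and role columns, which an ability block can query for the specific brand.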
acl_system2. It's an old plugin, but check out its README file to see if it serves the purpose.