I am developing an app in Rails 3, currently I use Devise as the login and Rails_admin as the admin panel with Paper_trail tracking all changes made by 'user' model... Problem is I have two user models, User and Admin. So a line of code in rails_admin.rb (initiliazer) to setup Paper_trail to track history:
config.audit_with :paper_trail, User
Is there any way to have paper_trail monitor changes made by both User and Admin, or can it only follow one model? I notice that even when it is set like this, and I make a change from within Rails_admin as an admin, the change says it was made by the User with the same ID as the admin that made the change.
The best way to handle this is to install CanCan, remove my Admin Model, and take advantage of using Multiple Roles within a single model for the current situation.
Related
In rails_admin wiki with Devise it has example with only one model. I have two models Admin and Owner. I will define their roles with cancancan.
Is it possible to make more than one model, which uses Devise, able to login to rails_admin dashboard? I just can't find any examples.
Using only one model with diffrent roles may be bad solution, because there each of them will have very different attributes.
The only method I have found is to use inheritance.
I have Admin and User models in which I want to use my rails_admin. I have created Person model which will be parent class for both of them.
Then I added devise for Person with CanCan authorization.
To explain it in a sentence, I am asking if it is possible to use the ActiveAdmin gem to create admin pages specific to admin users, i.e. each admin user only gets to see models and associating models specific to him. If so, how would I implement this?
To further explain my situation, I have a model called Sponsor(who would essentially be the admin users), and they put up different offers(another model that belongs to Sponsor) for users to redeem. So what I am trying to do is create an admin page where each sponsor gets his own admin credentials, and the admin page only shows the information that relates to this sponsor, i.e. the information regarding the offers this sponsor put up, and all relating models and its details. Is this possible to implement using the ActiveAdmin gem or any other gems for that matter?
I would rather not implement this from scratch if there are gems out there that I could use. Any suggestions?
I haven't tried this myself but it should be easily achievable in ActiveAdmin
either by changing the default scope on per controller basis or by using AuthorizationAdapter.
We'd like all users to be able to access ActiveAdmin, however, we would like to limit the creation of new users to specified administrators. The ideal outcome would be that only administrators see the users resource.
Currently, any user can go on to users.rb and create a new user. How do I limit this so that only specified administrators can create users? How do I stop users from seeing this resource unless they are specified as an administrator?
Do I need to add an admin attribute to the users model? From there what do I do?
Using Rails 4 with Devise.
I only have a users.rb model, no adminusers model.
When installing ActiveAdmin I used:
rails g active_admin:install User # creates / edits the class for use with Devise
Thanks very much for your help!
I think you need some ability managment:
https://github.com/CanCanCommunity/cancancan
https://github.com/activeadmin/activeadmin/blob/master/docs/13-authorization-adapter.md#using-the-cancan-adapter
I am trying to have Devise create a single User model and have different roles be a separate model. My User model (from rails g devise User) has a email, first name, last name, and role field.
The roles are admin, spectator, competitor. So, I created admin, spectator, and competitor models who all inherit from the User model.
I followed the top answer from devise and multiple "user" models and I can create a user. However, my competitor model migration also has other information such as contest name and location that are not required for the other models. When I do Competitor.create() and put in the necessary information for creating a devise User, the User gets stored in the database even though I have null constraints on the competitor model for contest name and location.
When I do Spectator.all, the recently created competitor data shows up which I thought it shouldn't....
My question is how should I be setting this up so that a competitor user doesn't get created unless his contest name and location is provided.
Another question is why when I do Spectator.all is the competitor's information displaying?
There is a much better way to use devise for multiple users.
Use Rolify Gem
It makes development much easier faster and more secure. You can have the configuration as per your requirement in the question "Single User model and each roles have a separate model"
Tutorial for using Rolify gem + Devise by Rolify Gem developers
If you want an authorization system, so go for CanCan created by Ryan Bates. With CanCan you can have many Roles. I am using it with devise with no problems. See Role Based Authorization and Separate Role Model. And check this ScreenCast about CanCan
This might be a very simple questions as I am just getting started with RoR and been doing as much learning through resources as possible. Basically I am using Active Admin to handle the admin portion of my application. What I am wondering about is creating a user model. I know Active Admin uses Devise for its autherzation so if run rails generate active_admin:resource Userit should create the user model the same way as if I ran it with Devise correct?
The end goal is to have the main front end page be a login for users that are created by the admin on Active Admin (no sign up from the front end) that will lead them to the secure information like Profile, orders, what ever.
What you're looking to do (assuming that you want to separate out the idea of Admin Users versus regular users) is first generate the new devise model as you normally would:
rails generate devise user
Then create a resource to manage them within active admin
rails generate active_admin:resource User
The rest is a standard devise integration assuming the pages are outside the scope of Active Admin.