i am about to create the functionality for logging user activity in my application. I was thinking of using observers and then log events through another model, something like UserLog.
Before doing that though, i would like to ask if there is already a good gem out there than can save me some time on this.
Do you happen to know any ?
p.s. btw, i am talking about custom defined user activity as well as logging ip addresses and so on. The first case of custom actions logging is more important though.
edit for clarity: I'm not referring to model changes but logging posted form variables and actions like this, not model changes.
audited
audited is an ActiveRecord extension that logs all changes to your models in an audits table, with optional revision comments. acts_as_audited has been updated to work with Rails 3, to use it with older version of Rails .
Related
I am using rails and many of you may find this simple, but i'm confused whether to use logger or just write method calls.
What i'm looking for is that when a user either deletes or updates data using the app, the changes made by the user must to saved to a table in the database with his user name, the record he modified and the time at which he did.
Should i be using
before_delete , before_update
callbacks in model.
I'm really hitting my head, cause i am a beginner in rails. Any suggestion would be most welcome and also please give a insight or links on what i should be doing.
I am new to Active Admin but from what I have seen so far I think this is quite easy to implement.
I have an app with the apartment gem to add multi-tenancy.
I am adding active admin to my app. Apartment uses PostgreSQL schemas to segregate data. So for example by default your models in Apartment have a 'public' tenant unless you call something like Apartment::Tenant.switch!('abc').
In my app my User and Company model are in the public tenant and everything else is in tenants. So out of the box Active Admin works fine except that the tenant models show no records - as they should.
I did some tinkering and manually added Apartment::Tenant.switch!('abc') one of my AA model files and that worked perfect. Here is an ideal solution:
when the AdminUser logs in the tenant gets set to a default (say the first tenant)
On each tenanted model there could be a select menu that submits a param (?tenant=abc) and then the tenant is changed
The active tenant is persisted in perhaps the AdminUser session store so you can work in the same tenant data until you need to switch.
I think I can do this myself quite easily but I wanted to see if there was any Active Admin specific issues I would need to address like:
Does AA have an equivalent of a application controller? It would be nice to keep the tenant switching logic in there vs the main one.
The alternate AA Devise AdminUser has a separate session variable store available right?
Any suggestions would be appreciated - I will post my final solution / code back to this post once I sort it out.
Does AA have an equivalent of a application controller? It would be nice to keep the tenant switching logic in there vs the main one.
Indeed, there is an ActiveAdmin::BaseController, but the gem authors don't talk about using it for customization, not sure why. Seems like a fine place for the logic you're talking about.
I've never needed to modify it before, but here's a blog article from someone who did.
The alternate AA Devise AdminUser has a separate session variable store available right?
Hmmm. Devise uses Warden for session management, which supports multiple user 'scopes' logged in simultaneously as well as separate session data, and if memory serves from when I've dug around in the code Warden puts the separate session data in a different key in the same cookie. Not sure if this is what you meant, but I verified that it definitely does not use a different cookie for users vs admins in my current ActiveAdmin-using Rails project.
Not a definitive answer, but moving the ball!
I am new to Ruby on Rails. The rails application that I have developed has several models including one for user that stores user name, passwords and other user related information.
Now the problem is that a few columns of a table corresponding to a model has modified erratically. Now I want to know if Ralis has any feature so that I can know the user who has done this or this is because of some other reasons.
You can try installing Userstamp and maybe Paper Trail to track changes to records. If you've implemented the User model yourself (as opposed to a framework like devise), you'll need to read the docs carefully to see what properties are expected of your User models to get the full benefit.
Using devise
It adds other columns(yours) in migrate, before generate views
https://github.com/collectiveidea/audited might provide the auditing you require.
I'm working with a Rails 2.3 app that is already using declarative_authorization to handle user permissions. Each user belongs to one group (no fancy roles) with permissions on certain models, mostly the regular CRUD actions, but with a few special ones. This all works fine with declarative_authorization in it's usual out of the box mode.
We now want to allow admins to set permissions on particular groups of users with regards to model types. For example, we create a new group Foo, assign some users to it, and then decide with checkboxes if users in group Foo can c/r/u/d objects of model Bar.
I've used acl9 before, and I think I see how I could make that work. I've been a fan of CanCan lately, but I don't see how do it easily with that. If declarative_authorization can do this, I'll stick with it, but I'm prepared to bite the bullet and switch.
What plugin would be the best way to accomplish this? Is there a way to get declarative_authorization to do the job? An elegant way to use CanCan? Are there any gotchas I should watch for, e.g. database performance?
I could be convinced to upgrade the app to Rails 3.1, but I'd prefer to find a 2.3-compatible solution.
I've seen some similar questions, but no satisfactory answers
Rails Dynamic Role-Based Authorization plugin?
and this, for cancan
https://github.com/ryanb/cancan/wiki/Role-Based-Authorization
I'm a fan of the StoneWall gem - authorization checks are in the form of a Ruby block, so in that block you could look up records and see if the user in question has authorization.
There's not a lot of documentation, but the idea is:
a_user_object.may_read?(object)
If object is a Todo instance, then Stonewall will look int the Todo model and execute the read block
# app/models/todo.rb
stonewall do |s|
s.action :read do |todo, user|
todo.owner == user # only the owner of a todo item may read the item
end
end
This approach makes two things easy:
read is just a Ruby block, so whatever you want to happen can happen
actions can be given arbitrary names, so if you want to check to see if a user has permission to comment on a todo item (for example), just create a s.action :comment and access it with a_user_object.may_comment?(object)
Currently, I have a 6-model ruby on rails application, that I added authlogic to.
The overall setup is
User :has_many categories, topics,messages
Categories has_many topics,
Topics has_many messages
(With and the corresponding opposite belongs_to links).
When I try to access current_user.categories.find(2), no results are returned in the controller.
Furthermore, when I try to run this
current_user.topics.find(params[:topic_id]).messages.build
Then,
#msg = current_user.messages.build(params[:message])
#msg.save
It doesn't save the user_id from the has_many.
All features of this program were working before the current_user directives were added in.
Am I making a mistake with the setup? Or with the execution?
Because the association isn't saving after the build, could I later add the user_id field in the model?
Sorry about all the questions, and thanks in advance.
I think your best bet is to go step-by-step. What does current_user return? Does the id of that user match one in your db? Does that user have any categories? Do any of them have an id of 2?
If you can isolate your problem to a single layer in your chained calls, it will be much easier to debug.
Thanks Kyle.
I've solved the problem using a filter in the model instead of using the controller to assign it on creation through association.
Current_user simply returns the record of the current user using authlogic.
I'm liking where the project is bow, and might deploy it after some visual tweaking, security, and more css :).
Callbacks and filters are amazing with whatever you are developing.
Also, if you need to get an variable from the application_controller to the model use the dollar sign ruby variable, not a class instance variable (at-sign).
Rails is so easy compared to a roll-your-own Php or sintra app.
Also, How many models are used for rails apps?