I need an authentication/authorization functionality where there will be an admin for the system. There are three different kinds of users with different privileges. When the user signs up, he can choose the role he desires.
The admin need to login, review and authorize the users before they can login.
Is there any gem that does this.
You could use Devise for authentication, together with CanCan for handling different roles. Both are wildly used and well documented gems.
You can use only cancan and it will serve the purpose which you are looking for as suggested by jlundqvist.
Related
I'm implementing a rails application that manage some objects let's call it project.
Every project has a:
category
region
company
I have to implement an authorization mechanism that allows me to assign user permission like that:
A User can edit all the project with region ASIA and can read all the project with category Information technology.
I found multiple gems that deal with authorization.
Which is the best one for you in relation to configurability and easy to use?
I like to use the Devise gem to authentication and user management, and Pundit to access authorization and scope policies. With Devise you can create users models easily and attach to oAuth services like Google, Github, Facebook... Also with Pundit is easy to create access policies to each resource in your app. Hope it helps!
I've been battling at how to accomplish this for a while and even started working on different solutions only to notice it's not very practical or could lead to problems.
Scenario: A user can create an Admin account and invite (mail invite) another user as a Client. I was thinking of using the devise_invitable gem to handle the invitation process. I'm not sure if I should have 2 models (Admin/Client).
Gems I've been considering:
devise
devise_invitable
cancancan
pundit
rollify
The thing is that whatever setup I use for authentication and authorization must comply with devise_invitable gem given that its a load of my mind to build that functionality myself.
Devise and Oauth 2.0. If you need an admin panel you can use rails_admin or there are a variety of admin gems as well, Or you can make your own.
I am pretty new to RoR development and newer to LocomotiveCMS...that said, I am trying to build a relatively simple site with LocomotiveCMS. Ideally, I would like to restrict the entire site from anonymous users, and then extend the roles as read-only, contribute, admin, etc. I see that Locomotive uses devise for authentication for /admin. Is there a way to restrict access to only authenticated users?
The easiest way to do this would be to make every page unpublished. Users would then have to be logged into the CMS to be able to see any of the pages.
This PR adds switch in page settings for restriction of anonymous users.
I am using Devise, Rolify and CanCan for my authentication & authorization.
I am also using RailsAdmin for my superadmin.
But, I would like to grant access to my other roles (say admin, agent, client).
Where each of those roles will only have access to some models/features within RailsAdmin.
Can I do that? If so, how?
Thanks.
There is a wiki on github. Read that https://github.com/sferik/rails_admin/wiki/CanCan
i have a simple record system in rails, it has customers, appointments and visits as models.
with visits and appointments belonging to customer.
i want a simple authentication plug-in for the owner of the application, to be able to log in and edit and create new data in the system (administrator user) and be able to add new admin users to be able to log in to the system.
a plus would be if the plug-in allowed the admin user to also create customer accounts for customers to be able to go on line check their own customer profile, appointments and visits details.
so basically a authentication plug-in for a super user and a limited user (to view their own profiles).
i don't want anything too fancy to be honest like sending a verification e mail etc.
thanks
Checkout Devise:
http://github.com/plataformatec/devise
There's a couple railscasts on it:
http://railscasts.com/episodes/209-introducing-devise
For role-based auth you can combine Devise with Cacan:
http://railscasts.com/episodes/192-authorization-with-cancan
http://gist.github.com/389299
http://railscasts.com/episodes/210-customizing-devise
I have a plugin for doing simple Role-based Access Control:
http://github.com/heavysixer/rolesystem
If you need simple
Check out: http://code.google.com/p/rolerequirement/
Use that with the restful-authentication plugin
I use it in 2-3 projects and it works great, I even did some hacking to enable ldap authentication too.