Multi user/site rails app - ruby-on-rails

I need to create a web app where people will sign up, call it main-app.com, when they sign up my code will generate a usersite.my-app.com, they will login and only be able to manage their mini site. My question is, is it correct to model this out by creating a table for site, a table for user, users belong to site and site has many users. Then I should create a content table that belongs to user AND site?
Is that right?

I am working on this for one of my apps at the moment using the Devise authentication plugin.
To get the central user environment, I was simply going to shard the database using Octopus, Connection_ninja. All are on Github
It's a starting point but not the full solution I'm afraid as I haven't got there myself yet. There are going to be issues to consider such as determining authorization of app specific resources based on which site the user has registered.
Alternatively, The latest edition of Ruby Weekly links to an interesting article on a Ruby implimentation of the Central Authentication Service protocol. It will be worth a read - http://blog.econify.com/2010/12/introducing-classycas.html
Hope this helps a bit...

Related

Creating a User control panel for multiple user_types in Rails

I am developing a job portal website as part of a project for university and not exactly sure how to approach this problem, I am using Devise for my authentication system allowing users to sign, The system will have many user_types (job_seeker, company).
At the moment I am using “Rails_admin” for the admin interface, but I am looking to create an interface where a company can manage their jobs, applications, etc, and for job_seekers to view their previous job applications, and job status etc.
My plan was to develop it so in the controller it checked the user_type and then redirected it to a control panel, which would hopefully allow all users go sign in using one login page, but my question is, how do I go about developing a “job_seeker” and “Company” control panels where they can manage their details.
I am looking for information on how to approach this problem, or the best method to achieve a solution.
Did you try using a gem that allow you or simplified role user management like cancan?
A good approach is as Maxence said, have a namespace for every role and a dashboard controller to show what you need. This will help you to keep things spited and will be more easy to maintenance. You can check it here how use namespaces. You can do it as well with a resource but I dont like it.
Other thing that you can do is having a single dashboard controller and redirect depending of the user role.

Is it possible to pass on user session from a PHP or Rails app to a meteor app?

I want to create a web application in which the main application shall be built using a PHP Framework or RoR. However, there are some sections only, that need real time updates (e.g., collaborative editing, real time feeds) etc. Is it possible that if a user is authenticated on the PHP/RoR app, the user session data can be passed on to the meteor app ? Can the 2 applications share the same database? Any insight on how do I go about implementing this ?
While it is possible to do what you've asked you should possibly ask yourself if you can't achieve your goals with one tech stack. Having multiple tech stacks like Meteor and RoR / PHP means anyone that wants to work on your codebase needs to know all of these frameworks. Additionally you might be able to achieve your requirements around collaborative editing and real time feeds using PHP or RoR.
Since you have not posted your requirements it is hard to make concrete recommendations but maybe you should list your requirements use the least complicated tech stack to implement it.
Are you aware that RoR 4 has built in support for streaming: http://tenderlovemaking.com/2012/07/30/is-it-live.html
You might be able to implement your collabaration requirements using a JS library liek Angular or Ember JS which uses Ajax to keep the users screen in sync with what other users are doing.
Also, this blog post on how Trello is implemented might give you some ideas. They have a great web interface for collaboration: http://blog.fogcreek.com/the-trello-tech-stack/
With regards to your questions:
Two applications implemented in two different technologies can share the same database. You will need to choose a database that is supported by both technology stacks that you want to use. After that, point both applications at the same database.
If you authenticate a user in PHP/RoR app, you can then set a cookie for the user. Assuming your Meteor app is served from the same domain, you can then read in this cookie which might contain some kind of identifier for the authenticated users session. Your Meteor app could then check the db to see if this is a valid session for an authenticated user.

Using Devise to implement a front-door on a website, does Rails allow concurrent sessions?

First, my obligatory "I'm new to rails" statement: I'm new to rails.
Sorry for the following long-winded expository stuff, but I want to make sure I'm asking my question clearly. I'm building a sample manager for a small analytical lab. So far I have built the core user stuff using devise to manage sessions (Basically so I can use all of Devise's nice helper methods throughout my app). The users don't need to be securely separated, so there is no sign in form, it just automatically signs them in for whatever action the user wishes to do.
I would like to put a front door on the website for macro-security that signs in to either the user version of the site (described above) or the admin version. I understand how to implement this using Devise, however, I am unsure as to whether Rails allows this sort of double-session where there's a macro-security session on constantly while a bunch of internal sessions are created and destroyed. Again, sorry for the long-windedness and thanks for your time and help!
Decided to just give it a shot and it turns out it worked. I have to test to see if there are any kinks in the functionality, but as it stands it works well as a front-door while allowing the internal transient sessions.

What are people's opinions vis-a-vis my choice of authorization plugins?

I'm slowly but surely putting together my first rails app (first web-app of any kind in fact - I'm not really a programmer) and it's time to set up a user registration/login system. The nature of my app is such that each user will be completely separated from each other user (except for admin roles). When users log in they will have their own unique index page looking at only their data which they and no-one else can ever see or edit. However, I may later want to add a role for a user to be able to view and edit several other user's data (e.g. a group of users may want to allow their secretary to access and edit their data but their secretary would not need any data of their own).
My plan is to use authlogic to create the login system and declarative authorization to control permissions but before I embark on this fairly major and crucial task I thought I would canvas a few opinions as to whether this combo was appropriate for the tasks I envisage or whether there would be a better/simpler/faster/cheaper/awesomer option.
What about cancan by Ryan Bates?
Here you can get a complete visual guided implementation
Take a look at this, it might help:
Basic Rails 3 engine utilizing Authlogic, CanCan and Easy Roles
What about Devise? Take a look at the railscasts.com site.

Two Rails applications, one userbase, looking for a simplest solution to handle this

I have two Rails applications, let's call them A and B. A has existing user base and i want these users to be able to log in to B with the username and password managed in A.
B is altered version of Altered Beast forum and it would be nice if users of my application do not have to create another user account to use forum. My initial thought was just to swap out the User model with ActiveResource model. Forum is hosted on a different server so direct database connection to A's database is too much trouble.
My question is that is there any plugins or authentication system extensions that handle this kind of setup.
Altered Beast uses the restful_authentication plugin. Could you not just use the same plugin in application A pointed to the same database?
Edit:
Use a cooooooookies from application A.

Resources