How do I assign specific roles to each user in rails?


Suppose there are 2 roles: admins, who can manage everything, and users, who have registered and need admin approval for the specific CRUD actions they can perform on each controller. For example, X can create and read Articles only, while Y can perform update and delete actions. How do I also provide for the admin to assign the users these specific roles from the website itself?


There are 2 answers

3
Mr H On BEST ANSWER

How about this Gem https://github.com/stffn/declarative_authorization/ ?

You can make it very granular. Define the roles, then you can assign your CRUD accordingly. Also it has very good helper methods that you can use to determine which role does what task in the view or controller.

The assumption is based on:

  1. User has many roles through AccessList
  2. Role has many users through AccessList
  3. AccessList belongs to role
  4. AccessList belongs to user

Here is a quick diagram (I assume you will take care of the models).


Here is the module that I made to DRY some of the common tasks.

NOTE: Declarative Authorization has stacks of helpers; the following is just to complement them. Some of the functions might be redundant and could be refactored and written better. It is just a nightly build :)

module AuthenticationRelated
  # Names of every role the current user holds.
  def what_are_current_user_roles
    current_user.roles.map(&:name)
  end

  def does_user_have_this_role?(role_name)
    what_are_current_user_roles.include?(role_name)
  end

  # Anonymous visitors are never admins.
  def is_admin?
    signed_in? && current_user.roles.any? { |role| role.name == 'admin' }
  end

  # class_model is the model class; class_instance MUST be the parent record
  # (the one carrying the access_list that names the owner).
  # Admins may always create and edit; everyone else needs the
  # declarative_authorization :create permission on the model AND must own the record.
  def user_allowed_create_and_edit?(class_model, class_instance)
    return true if is_admin?
    permitted_to?(:create, class_model.new) && has_user_own_this(class_instance)
  end

  # Ownership check for the builder: the record's access_list relation
  # has to be set, and its user_id must be the current user.
  def has_user_own_this(model)
    current_user.id == model.access_list.user_id
  end

  # IDs of the AccessList rows that belong to the current user.
  def find_current_user_acls
    AccessList.joins(:user).where("users.id = ?", current_user.id).map(&:id)
  end
end
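As an added example (not Mr H's code and not part of declarative_authorization), here is a plain-Ruby model of the default-deny, admin-approved, per-controller CRUD grants the question asks for, including the admin-only assignment step; the AccessList, Permission and authorize! names are assumed, and the sample users are constructed.

```ruby
require 'set'
class NotAuthorized < StandardError; end
ACTIONS = %i[create read update delete].freeze
# Map Rails' RESTful controller actions onto the four CRUD grants.
CRUD_FOR = { 'index' => :read, 'show' => :read, 'new' => :create, 'create' => :create,
             'edit' => :update, 'update' => :update, 'destroy' => :delete }.freeze
# One admin-approved grant: user may perform `action` on `resource` (a controller name).
Permission = Struct.new(:user_id, :resource, :action)

class AccessList
  # The first admin is seeded; every later grant must come from an existing admin.
  def initialize(seed_admin_id:)
    @admins = Set[seed_admin_id]
    @grants = Set.new # anything not present here is denied
  end

  def admin?(user_id)
    @admins.include?(user_id)
  end

  # Admin-only: the "assign from the website" step. Non-admin actors are refused.
  def grant(actor_id, user_id, resource, action)
    raise NotAuthorized, 'only admins assign permissions' unless admin?(actor_id)
    raise ArgumentError, "unknown action #{action}" unless ACTIONS.include?(action)
    @grants << Permission.new(user_id, resource.to_s, action)
    true
  end

  # Admins bypass the table; everyone else needs an explicit grant (default deny).
  def allowed?(user_id, resource, action)
    admin?(user_id) || @grants.include?(Permission.new(user_id, resource.to_s, action))
  end

  # What a before_action would call: controller name plus the Rails action name.
  def authorize!(user_id, controller, action_name)
    crud = CRUD_FOR.fetch(action_name) { raise ArgumentError, "unmapped action #{action_name}" }
    return true if allowed?(user_id, controller, crud)
    raise NotAuthorized, "user #{user_id} may not #{crud} #{controller}"
  end
end
# Constructed sample matching the question: admin is user 1, X (user 2) may create and
# read Articles, Y (user 3) may update and delete them.
def demo_access_list
  acl = AccessList.new(seed_admin_id: 1)
  acl.grant(1, 2, :articles, :create)
  acl.grant(1, 2, :articles, :read)
  acl.grant(1, 3, :articles, :update)
  acl.grant(1, 3, :articles, :delete)
  acl
end
```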
3
caspg On

You should check rolify gem: https://github.com/RolifyCommunity/rolify

But if you want just 2 roles (User and Admin), you can add a new column to the user table, :admin, :boolean, default: false. Then in your controllers you can write a before_filter which checks @current_user.admin and, if not, redirects or does something else.

In your view you can hide the buttons for updating and deleting unless @current_user.admin.