Role Based Authentication

Hi All,

I want to authorize a user according to the role he has. I found some Rails plugins:

ActiveRBAC
ActiveACL

Has anybody used them (how was it), or can anyone provide a little info (hints) on how to go about role based authentication? I'll appreciate it if anyone helps me with this.

Regards, Gaurav

What I do?

I add a new column in the Users table and call it "status", which has different enum('user', 'moderator', 'admin') values.

Then in my controller, I would use:

    before_filter :is_admin, :only => %w(this_method)

:)

--

Thanks Jamal, that was nice input.

Hi,

I am facing another problem: I am not able to install the above mentioned plugins, and I have to evaluate them and finally conclude how to go about this.

Has anyone successfully implemented anything recently using those plugins? i.e.

ActiveRBAC
ActiveACL

Gaurav

You could do something like

    def check_authentication
      unless session[:user]
        redirect_to :controller => "login", :action => "signin_form"
        return
      end
    end

# The authorization check uses the Ruby detect function to great effect. Assumes each user has multiple roles and each of these roles can be assigned to multiple rights. Rights are defined as a controller-action combination and stored in the database in tables roles and rights.

    def check_authorization
      user = User.find(session[:user])
      unless user.roles.detect { |role|
               role.rights.detect { |right|
                 right.action == action_name && right.controller == controller_name
               }
             }
        flash[:notice] = "You are not authorized to access Controller: " + controller_name + " Action: " + action_name
        session[:prev_controller] = "error" unless session[:prev_controller]
        session[:prev_action] = "no_access" unless session[:prev_action]
        redirect_to :controller => session[:prev_controller], :action => session[:prev_action]
        return
      end
      session[:prev_controller] = controller_name
      session[:prev_action] = action_name
    end

This works out for me. Wherever you want this checked add before_filter

before_filter :check_authentication, :check_authorization

Regards, Rajesh
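
The roles-to-rights lookup from the post above, modelled in plain Ruby so it runs without Rails. This is an added example, not code from the thread; the Struct models, the sample users and the `filter_decision` helper are assumptions. It shows that a controller/action pair with no matching right is denied by default, and that a missing or stale session user id is sent to login.

```ruby
# Plain-Ruby stand-ins for the User/Role/Right models (hypothetical, no Rails).
Right = Struct.new(:controller, :action)
Role  = Struct.new(:name, :rights)
User  = Struct.new(:login, :roles)

# Constructed sample data: rights are controller-action pairs, as in the post.
ROLES = {
  "user"      => Role.new("user",      [Right.new("posts", "index"),
                                        Right.new("posts", "show")]),
  "moderator" => Role.new("moderator", [Right.new("posts", "edit"),
                                        Right.new("posts", "update")]),
  "admin"     => Role.new("admin",     [Right.new("users", "destroy")])
}
USERS = {
  1 => User.new("alice", [ROLES["user"]]),
  2 => User.new("bob",   [ROLES["user"], ROLES["moderator"]]),
  3 => User.new("carol", ROLES.values)
}

# Default deny: true only when some role of the user carries a right that
# matches this exact controller/action pair. No user means no access.
def authorized?(user, controller, action)
  return false if user.nil?
  user.roles.any? do |role|
    role.rights.any? do |right|
      right.controller == controller.to_s && right.action == action.to_s
    end
  end
end

# Decision the two before_filters would act on, in order:
# authentication first, then authorization.
def filter_decision(session, controller, action)
  user = USERS[session[:user]]   # nil when the id is absent or stale
  return :redirect_to_login if user.nil?
  authorized?(user, controller, action) ? :allow : :deny
end

if __FILE__ == $0
  [[{ :user => 1 }, "posts", "index"],    # allowed through the user role
   [{ :user => 1 }, "posts", "edit"],     # denied: needs moderator
   [{ :user => 3 }, "posts", "destroy"],  # denied: no role lists this action
   [{},             "posts", "index"]].each do |session, c, a|
    puts "#{session.inspect} #{c}##{a} => #{filter_decision(session, c, a)}"
  end
end
```

Because the check matches exact pairs, a newly added action stays closed to every role until a right for it is created.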

I use ActiveRBAC for a large project I'm currently working on. After having had it in place for 6 months, it looks nothing like it did. Great start and I like the Group/Role management interfaces and how it reports on how many users are in each. If you are looking for an RBAC, it works great.

There is also a nice PDF doc for it that would give you some more insight into it. I like it, but it is a pretty large plugin, so you will likely modify it, some of which is easily done through mixins and overriding the views and controller functions.

Someone correct me if I'm wrong, but I don't think it is actively developed anymore (I could not really update anyway.)

In short, I would recommend it.

Fredrik

Thanks Rajesh for the help.

Well Fredrik,

> but I don't think it is actively developed anymore (I could not really update anyway.)

I tried to install it but in vain. Then I tried to access the repository given on its site through svn (RadRails); I could get it, but how do I make it work? The controllers and views had files, I ran the migration script, and the models were also present. But when I tried to access http://localhost:3000/active_arbac/login or http://localhost:3000/active_arbac/registration it didn't work. It complains of something not being initialized.

I have not used any plugins before. Any idea how to get it running?

Gaurav

I've been looking into Goldberg for this. http://goldberg.240gl.org

It looks like a powerful, flexible, and de-coupled solution for role based authentication.

"Goldberg is essentially just a before_filter that checks to see whether the user has the permissions to perform the incoming action. This includes AJAX requests etc."

I'm curious if anyone reading this has any experience or comments about that project.

Hi,

Thanks all for the replies. Yesterday I tried Goldberg and it fits my need, so I got over the dilemma :).

Regards, Gaurav