search

igorkasyanchuk / rails_db

Rails Database Viewer and SQL Query Runner
https://www.railsjazz.com/
MIT License
1.46k stars 111 forks source link

Devise Users #60

Closed gregology closed 7 years ago

gregology commented 7 years ago

This gem is great, thanks for your work! May I request a feature? Devise or general user integration so that users of an app can query their data. Thanks!

igorkasyanchuk commented 7 years ago

Hi Gregory, this not possible. Rails_db just running SQL queries, so this not possible to check user permission in SQL query

jersingh commented 7 years ago

Is there some way to protect "/rails/db" route? Using devise so that only logged in users can access the backend and pundit to grant user access control by roles?

igorkasyanchuk commented 7 years ago

yes ... put your code in proc

config.verify_access_proc = proc { |controller| controller.current_user.admin? }

jersingh commented 7 years ago

Excellent! Thank you!

Ray-Sutton commented 7 years ago

Hi! Thanks for building this amazing gem. I have a quick devise question. Will this work with single table inheritance? I'm using a class of AdminUser (model admin_user) to authenticate. Any insight is greatly appreciated!

igorkasyanchuk commented 7 years ago

@Ray-Sutton thanks. I really this that it's possible. Through controller you can access methods in application_controller and do needed checks. For example controller.current_user returns current_user. Probably it returns instance of AdminUser. Or just need to do a little changes to make it works, try to put binding.pry in proc above and debug.

Ray-Sutton commented 6 years ago

Hi Igor, can you tell me what controller the admin views are using? I'm still trying to get devise to play nice with rails_db but I'm still having some issues.

igorkasyanchuk commented 6 years ago

@Ray-Sutton all controllers are inherited from https://github.com/igorkasyanchuk/rails_db/blob/master/app/controllers/rails_db/application_controller.rb

As you can see we have "verify_access" method which do verification logic using proc, and we don't have any dependency with devise gem.

You can use it like here

config.verify_access_proc = proc { |controller| controller.current_user.admin? }

(see readme).

Ray-Sutton commented 6 years ago

Thank you. I've tried it from the readme and was still having an issue. I was hoping if I could tie it to a controller, I figured I could use device controller authentication.

Ray-Sutton commented 6 years ago

@igorkasyanchuk I finally got it to work as expected with my devise STI user type.

config.verify_access_proc = proc { |controller| controller.current_user.class == AdminUser }

Thank you for your help!