Closed gregology closed 7 years ago
Hi Gregory, this not possible. Rails_db just running SQL queries, so this not possible to check user permission in SQL query
Is there some way to protect "/rails/db" route? Using devise so that only logged in users can access the backend and pundit to grant user access control by roles?
yes ... put your code in proc
config.verify_access_proc = proc { |controller| controller.current_user.admin? }
Excellent! Thank you!
Hi! Thanks for building this amazing gem. I have a quick devise question. Will this work with single table inheritance? I'm using a class of AdminUser (model admin_user) to authenticate. Any insight is greatly appreciated!
@Ray-Sutton thanks. I really this that it's possible.
Through controller
you can access methods in application_controller and do needed checks.
For example controller.current_user
returns current_user. Probably it returns instance of AdminUser. Or just need to do a little changes to make it works, try to put binding.pry in proc
above and debug.
Hi Igor, can you tell me what controller the admin views are using? I'm still trying to get devise to play nice with rails_db but I'm still having some issues.
@Ray-Sutton all controllers are inherited from https://github.com/igorkasyanchuk/rails_db/blob/master/app/controllers/rails_db/application_controller.rb
As you can see we have "verify_access" method which do verification logic using proc, and we don't have any dependency with devise gem.
You can use it like here
config.verify_access_proc = proc { |controller| controller.current_user.admin? }
(see readme).
Thank you. I've tried it from the readme and was still having an issue. I was hoping if I could tie it to a controller, I figured I could use device controller authentication.
@igorkasyanchuk I finally got it to work as expected with my devise STI user type.
config.verify_access_proc = proc { |controller| controller.current_user.class == AdminUser }
Thank you for your help!
This gem is great, thanks for your work! May I request a feature? Devise or general user integration so that users of an app can query their data. Thanks!