Open sapientpants opened 6 years ago
hello, in fact we do not use devise, however we thought that many integrations of this library would. In general, authentication libraries have a helper method called current_user. therefore it's integration into this library is given by the injection of that helper into policy manager application controller, as it is in the readme example. I think that is the easiest way to integrate it. Do you have any idea on how to make that integration simpler or more elegant? If so, we will glad to discuss it's design
Best!
El lun., 7 de may. de 2018 2:27 p. m., sapientpants < notifications@github.com> escribió:
Any thoughts as to how current_user should be made available when Devise (and hence its helper that generates current_user) isn't being used?
I'm happy to work on this, but wanted to ask if anyone has an idea for how this should be done.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/prey/gdpr_rails/issues/10, or mute the thread https://github.com/notifications/unsubscribe-auth/AAAuyGUuUD-QzDvwYYffP9YRkWSkNMriks5twIQcgaJpZM4T1Vnz .
Off the top of my head I can think of two approaches.
I include option 2 for completeness as it seems even less elegant than option 1 which itself is not particularly nice.
It'd be nice if GDPR could just use current_user from my ApplicationController without me having to do anything extra.
This is also a problem for Devise users that use a model other than User for authentication. If you're authenticating a Person, for example, Devise creates current_person instead of current_user.
I've worked around this by creating a controller concern (app/controllers/concerns/auth_helpers.rb):
module AuthHelpers
extend ActiveSupport::Concern
def current_user
current_person # assumes the Devise helpers are also included
end
end
and I include this in the PolicyManager ApplicationController (in config/initializers/gdpr.rb):
PolicyManager::ApplicationController.send(:include, AuthHelpers)
Any thoughts as to how current_user should be made available when Devise (and hence its helper that generates current_user) isn't being used?
I'm happy to work on this, but wanted to ask if anyone has an idea for how this should be done.