Project

snapuser

0.0
No commit activity in last 3 years
No release in over 3 years
A Rails engine to add a simple authentication and permission system.

 Project Readme

Snapuser

A Rails engine to add a simple authentication and permission system.

Installation

Add this line to your application's Gemfile:

gem 'snapuser'

And then execute:

$ bundle

In order to run the engine's migrations:

$ rake db:migrate

Usage

The gem provides two methods to secure your controllers and your views.

Use authorize_level(level) to restrict access to an action by user level. In this example, only users with level 3 or higher can visit these pages.

class Admin::EventsController < Admin::BaseController
  before_action { |c| c.authorize_level(3) }

  def index
    @events = Event.all
  end

  def new
    @event = Event.new
  end

  def create
    # ...
  end

end

Use authorize_level?(level) to check whether a user is authorized for a given level.

<%= link_to "Add an event", new_event_path if authorize_level?(3) %>

Finally, if you only need to require that a user is signed in, use the first method and pass the lowest level.

The plugin also provides a few methods that can be useful:

  • current_user: returns the connected user, or nil otherwise
  • signed_in?: checks whether a user is connected

The following URLs are reserved by the plugin:

  • /login, login_path
  • /user/edit, user_edit_path
  • /user/update, user_update_path
  • /signout, signout_path
  • /sessions, sessions_path
  • resources /admin/users, admin_users_path

Configuration

Create a custom initializer to hold your configuration.

You can configure the permission levels. Set Snapuser.levels with a hash:

# initializers/snapuser.rb

Snapuser.levels = {"superadmin" => "1", "admin" => "2", "author" => "3", "member" => "4"}

By default, the levels are {"superadmin" => "1", "admin" => "2"}.

Set Snapuser.superuser_level to configure from which level users are allowed to edit other users. By default, the superuser level is 1.

Set Snapuser.can_edit to configure from which level a user is allowed to edit their own information (username and password).

Set Snapuser.redirect_url to configure where the user is redirected after a successful login. By default, "/profile".

Set Snapuser.layout to configure which layout is used in the admin views, when you edit a user for instance. By default, "admin".
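
A configuration check for the initializer settings described above, as an added example that is not part of the Snapuser README or the gem's code. It assumes level values are meant to be ordered numerically (the README does not say how the gem compares them); `LevelConfigCheck` and `PAGE_LEVELS` are hypothetical names.

```ruby
# Added example: sanity checks for a Snapuser-style level configuration.
# Assumption: levels are meant to be ordered numerically; the README does
# not document how the gem compares them.
module LevelConfigCheck
  module_function

  # Strict integer parse: returns nil instead of raising on bad input.
  def to_int(value)
    Integer(value.to_s, 10)
  rescue ArgumentError
    nil
  end

  # Returns an array of problem strings; an empty array means no findings.
  def problems(levels, superuser_level: 1, can_edit: nil)
    issues = []
    numeric = {}
    levels.each do |name, value|
      n = to_int(value)
      if n.nil?
        issues << "level #{name.inspect} has non-integer value #{value.inspect}"
      else
        numeric[name] = n
      end
    end

    # Two role names sharing a value silently get identical access.
    numeric.group_by { |_, n| n }.each do |n, pairs|
      issues << "roles #{pairs.map(&:first).sort.join(', ')} share level #{n}" if pairs.size > 1
    end

    # The README stores levels as strings; string order breaks past 9.
    values = numeric.values.uniq
    if values.sort.map(&:to_s) != values.map(&:to_s).sort
      issues << "string ordering of levels differs from numeric ordering"
    end

    # Thresholds should refer to a level that is actually defined.
    { "superuser_level" => superuser_level, "can_edit" => can_edit }.each do |key, v|
      next if v.nil?
      issues << "#{key} #{v.inspect} is not a defined level" unless values.include?(to_int(v))
    end
    issues
  end
end

# Constructed sample, copied from the initializer shown in the README above.
PAGE_LEVELS = { "superadmin" => "1", "admin" => "2", "author" => "3", "member" => "4" }.freeze
```

Calling `LevelConfigCheck.problems` from a test or at boot surfaces duplicate levels, thresholds that point at undefined levels, and level sets such as "9" and "10" whose string order differs from their numeric order.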