
rails_admin_pundit's Introduction

RailsAdminPundit

RailsAdmin integration with Pundit authorization system

Installation

Add this line to your application's Gemfile:

gem "rails_admin_pundit", :github => "sudosu/rails_admin_pundit"

And then execute:

$ bundle

Usage

  1. First of all you need to configure Pundit (if you configured it already, skip this step). Include Pundit in your application controller:

    class ApplicationController < ActionController::Base
      include Pundit
      protect_from_forgery
    end

    Run the generator, which will set up an application policy:

    rails g pundit:install

    For other configurations see Pundit's readme.

  2. In your app/policies/application_policy.rb policy, add a rails_admin? method that decides, for each RailsAdmin action, whether the current user is allowed to perform it:

    class ApplicationPolicy
      # ... (your existing policy methods)
      def rails_admin?(action)
        case action
          when :dashboard
            user.admin?
          when :index
            user.admin?
          when :show
            user.admin?
          when :new
            user.admin?
          when :edit
            user.admin?
          when :destroy
            user.admin?
          when :export
            user.admin?
          when :history
            user.admin?
          when :show_in_app
            user.admin?
          else
            raise ::Pundit::NotDefinedError, "unable to find policy #{action} for #{record}."
        end
      end
    
      # Hash of initial attributes for :new, :create and :update actions. This is optional
      def attributes_for(action)
      end
    
    end

    Set Pundit as the authorization method in the config/initializers/rails_admin.rb initializer:

    RailsAdmin.config do |config|
      ## == Pundit ==
      config.authorize_with :pundit
    
      ## == method to call for current_user ==
      config.current_user_method(&:current_user)
      # ... (the rest of your RailsAdmin configuration)
    end

    Now, in your model's policy you can specify a policy for rails_admin actions. For example:

    class CityPolicy < ApplicationPolicy
      # ... (your existing policy methods)
      def rails_admin?(action)
        case action
          when :destroy, :new
            false
          else
            super
        end
      end
    end
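
The policy chain above can be checked outside Rails before it guards a real admin panel. The following is an added example, not code from the gem or its README: it rebuilds the two policies in plain Ruby and computes which actions each kind of user gets. The `User` struct, the helpers `allowed_actions` and `fails_closed?`, the nil-user guard and the stand-in for `Pundit::NotDefinedError` are assumptions made for the sketch.

```ruby
module Pundit # stand-in for the gem's error class, so the sketch runs without Rails
  NotDefinedError = Class.new(StandardError) unless const_defined?(:NotDefinedError)
end

# Hypothetical user model: only the admin? predicate matters here.
User = Struct.new(:role) do
  def admin?
    role == :admin
  end
end

# The nine actions the README's ApplicationPolicy enumerates.
RAILS_ADMIN_ACTIONS = %i[dashboard index show new edit destroy export history show_in_app].freeze

class ApplicationPolicy
  attr_reader :user, :record
  def initialize(user, record)
    @user = user
    @record = record
  end

  def rails_admin?(action)
    unless RAILS_ADMIN_ACTIONS.include?(action)
      raise ::Pundit::NotDefinedError, "unable to find policy #{action} for #{record}."
    end
    # Assumption added here: a nil user is denied rather than raising NoMethodError.
    !user.nil? && user.admin?
  end
end

class CityPolicy < ApplicationPolicy
  def rails_admin?(action)
    %i[destroy new].include?(action) ? false : super
  end
end

# Actions a given user may perform under a given policy class.
def allowed_actions(policy_class, user, record = :sample_record)
  policy = policy_class.new(user, record)
  RAILS_ADMIN_ACTIONS.select { |action| policy.rails_admin?(action) }
end

# True when the policy fails closed (raises) for an action it does not list.
def fails_closed?(policy_class, user, action)
  policy_class.new(user, :sample_record).rails_admin?(action)
  false
rescue Pundit::NotDefinedError
  true
end
```

Comparing `allowed_actions(CityPolicy, User.new(:admin))` with the full action list shows at a glance which actions a model policy removes from administrators.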

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

License

Licensed under the MIT license, see the separate LICENSE.txt file.


rails_admin_pundit's Issues

@record change values

I'm writing a policy to edit a model. When the index is generated, the definition for the edit method is asked in order to show the button. But when I try to edit the object the variable changes and instead of showing the values of the object it only shows the types of the input.

The thing is that I need to know the values of the object to check if I have permission to edit it. When I try to edit this object it checks the definition for edit twice. The first time it approves it, but not the second time, and the application crashes.

rails_admin policies need to be added to all policy classes

(Support Request)
I have added the rails_admin? method to the app/policies/application_policy.rb as per the readme, but the code seems to want me to add the same/similar method to all other policies I have, e.g. the ones for different models. It does not see that the application_policy.rb acts as a fallback.

Is this correct behaviour or have I done something wrong?

remote: -----> Ruby app detected
remote: -----> Compiling Ruby/Rails
remote: -----> Using Ruby version: ruby-2.3.1
remote: Using rake 12.0.0
remote: Using concurrent-ruby 1.0.4
remote: Using i18n 0.7.0
remote: Using minitest 5.10.1
remote: Using thread_safe 0.3.5
remote: Using builder 3.2.3
remote: Using erubis 2.7.0
remote: Using mini_portile2 2.1.0
remote: Using rack 2.0.1
remote: Using nio4r 1.2.1
remote: Using websocket-extensions 0.1.2
remote: Using mime-types-data 3.2016.0521
remote: Using arel 7.1.4
remote: Using acts_as_votable 0.10.0
remote: Using public_suffix 2.0.5
remote: Using execjs 2.7.0
remote: Using bcrypt 3.1.11
remote: Using sass 3.4.23
remote: Using coffee-script-source 1.12.2
remote: Using method_source 0.8.2
remote: Using thor 0.19.1
remote: Using orm_adapter 0.5.0
remote: Using multipart-post 2.0.0
remote: Using tilt 2.0.5
remote: Using hashie 3.4.6
remote: Using high_voltage 3.0.0
remote: Using multi_json 1.12.1
remote: Using turbolinks-source 5.0.0
remote: Using jwt 1.5.6
remote: Using bundler 1.13.7
remote: Using pr_geohash 1.0.0
remote: Using multi_xml 0.6.0
remote: Using nested_form 0.3.2
remote: Using pg 0.20.0
remote: Using puma 3.6.2
remote: Using remotipart 1.3.1
remote: Using ratyrate 1.2.2.alpha
remote: Using tzinfo 1.2.2
remote: Using rsolr 1.1.2
remote: Using nokogiri 1.7.0.1
remote: Using mime-types 3.1
remote: Using rack-test 0.6.3
remote: Using warden 1.2.6
remote: Using sprockets 3.7.1
remote: Using websocket-driver 0.6.4
remote: Using addressable 2.5.0
remote: Using autoprefixer-rails 6.6.1
remote: Using uglifier 3.0.4
remote: Using coffee-script 2.4.1
remote: Using faraday 0.10.1
remote: Using omniauth 1.3.2
remote: Using turbolinks 5.0.1
remote: Using haml 4.0.7
remote: Using activesupport 5.0.1
remote: Using sunspot 2.2.7
remote: Using loofah 2.0.3
remote: Using rack-pjax 1.0.0
remote: Using mail 2.6.4
remote: Using bootstrap-sass 3.3.7
remote: Using koala 2.4.0
remote: Using oauth2 1.3.0
remote: Using rails-dom-testing 2.0.2
remote: Using globalid 0.3.7
remote: Using activemodel 5.0.1
remote: Using jbuilder 2.6.1
remote: Using pundit 1.1.0
remote: Using rails-html-sanitizer 1.0.3
remote: Using omniauth-oauth2 1.4.0
remote: Using activejob 5.0.1
remote: Using activerecord 5.0.1
remote: Using carrierwave 1.0.0
remote: Using omniauth-facebook 4.0.0
remote: Using actionview 5.0.1
remote: Using actionpack 5.0.1
remote: Using actionmailer 5.0.1
remote: Using railties 5.0.1
remote: Using kaminari 0.17.0
remote: Using actioncable 5.0.1
remote: Using sprockets-rails 3.2.0
remote: Using simple_form 3.4.0
remote: Using coffee-rails 4.2.1
remote: Using d3-rails 4.7.0
remote: Using responders 2.3.0
remote: Using font-awesome-rails 4.7.0.1
remote: Using jquery-rails 4.2.2
remote: Using jquery-turbolinks 2.1.0
remote: Using jquery-ui-rails 5.0.5
remote: Using sass-rails 5.0.6
remote: Using rails 5.0.1
remote: Using devise 4.2.0
remote: Using mailboxer 0.14.0 from git://github.com/ging/mailboxer.git (at master@0e41d6a)
remote: Using sunspot_rails 2.2.7
remote: Using rails_admin 1.1.1
remote: Using messaging 0.0.1 from git://github.com/erm213/rails-messaging.git (at master@d4a5db8)
remote: Using rails_admin_pundit 0.0.1 from git://github.com/sudosu/rails_admin_pundit.git (at master@2b793c1)

NoMethodError at / undefined method `policy' for #<RailsAdmin::MainController:0x0055914e2523a0>

I honestly don't know if this is a bug or an issue with my implementation, but I followed all the instructions and still can't figure out a solution. I'm on Rails 5 and I use pundit with devise.

Here's a snippet of my Gemfile:

gem 'devise'
gem 'devise-i18n'
gem 'rails_admin', '~> 1.0'
gem 'rails_admin-i18n'
gem 'rails_admin_tag_list', github: 'kryzhovnik/rails_admin_tag_list'
gem 'pundit'
gem "rails_admin_pundit", :github => "sudosu/rails_admin_pundit"

And a snippet of my rails_admin initializer:

RailsAdmin.config do |config|
  config.authorize_with :pundit
  config.current_user_method(&:current_user)
  ...
end

My Application policy looks like this:

class ApplicationPolicy
  attr_reader :current_user, :record

  def initialize(current_user, record)
    @user = current_user
    @record = record
  end

  def index?
    false
  end

  def show?
    scope.where(:id => record.id).exists?
  end

  def create?
    false
  end

  def new?
    create?
  end

  def update?
    false
  end

  def edit?
    update?
  end

  def destroy?
    false
  end

  def rails_admin?(action)
    case action
    when :dashboard
      @user.admin?
    when :index
      @user.admin?
    when :show
      @user.admin?
    when :new
      @user.admin?
    when :edit
      @user.admin?
    when :destroy
      @user.admin?
    when :export
      @user.admin?
    when :history
      @user.admin?
    when :show_in_app
      @user.admin?
    else
      raise ::Pundit::NotDefinedError, "unable to find policy #{action} for #{record}."
    end
  end

end

Do you have any idea why this isn't working? Thanks in advance.

PS: I created a question on Stack Overflow.

NoMethodError at / undefined method `admin?' for nil:NilClass

thanks for making up this gem, not sure why I am getting this error message

NoMethodError at / undefined method `admin?' for nil:NilClass


My application_policy looks like the following.

class ApplicationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @record = record
    Rails.logger.info user
  end

  def index?
    user.admin? or user.staff?
  end

  def show?
    scope.where(:id => record.id).exists? and (user.admin? or user.staff?)
  end

  def create?
    user.admin? or user.staff?
  end

  def new?
    create?
  end

  def update?
    user.admin? or user.staff?
  end

  def edit?
    update?
  end

  def destroy?
    user.admin?
  end

  def rails_admin?(action)
    case action
      when :dashboard
        user.admin?
      when :index
        user.admin?
      when :show
        user.admin?
      when :new
        user.admin?
      when :edit
        user.admin?
      when :destroy
        user.admin?
      when :export
        user.admin?
      when :history
        user.admin?
      when :show_in_app
        user.admin?
      else
        raise ::Pundit::NotDefinedError, "unable to find policy #{action} for #{record}."
    end
  end

end

thanks.

ArgumentError at /user. - Rails 4 Rails_admin Pundit

Hi,
Thank you in advance for your software and your efforts.

I am trying to use rails_admin_pundit to add role based access
to rails_admin.

I am getting this error when I click on the users table in the rails_admin.

ArgumentError at /user. User(id: integer, email: string, ... 'shortened' ...role: integer) is not an ActiveRecord::Relation

I created an app using:
https://github.com/RailsApps/rails-devise-pundit

and followed the usage instructions at:
https://github.com/sudosu/rails_admin_pundit

This is in my user_policy.rb just to get things started...

def rails_admin?(action)
  case action
    when :destroy, :new
      false
    else
      @current_user.admin!
  end
end
  • I can get pundit to work outside of rails_admin
  • I am logged in as admin
  • I have googled the web for this error or similar issues.

Can someone help me with this?

Attached are a couple apps with the error, and a screen shot of what I see just before I press the Users model name link.

app with the error..

error file and screenshot

another app with the same error

Not needed: dropbox link...
link to screenshot, error page, and two apps that I have this problem in...
