Thursday, November 26, 2009

Ruby on Rails Easy roles plugin

Easy roles is a plugin for Ruby on Rails that is very useful if your site has a lot of roles. With it you can restrict access to controllers based on a user's roles. Follow the steps below to install it in your application.

cd yourappname

ruby script/plugin install git://github.com/platform45/easy_roles.git

Now the plugin is installed in your vendor/plugins folder.

Below is the basic setup you need to do after the plugin has installed successfully.
Add the following to your environment.rb, inside the Rails initializer block:
config.gem 'easy_roles', :source => 'http://gemcutter.org'

Add a "roles" column to your users model, and set the default value to "--- []". Note that you can call this column anything you like; I like to use the name "roles" because it is meaningful.

In the users table migration, add the following:
t.string :roles, :default => "--- []"

Then you need to add "easy_roles :column_name" and some logic to your model.


class User < ActiveRecord::Base

  # Serialize roles as an array
  serialize :roles, Array

  # Create an empty roles array on create
  before_validation_on_create :make_default_roles

  # Convenience method, is user an admin?
  def admin?
    has_role?("admin")
  end

  # Checks to see if a user has requested role
  def has_role?(role)
    roles.include?(role)
  end

  # Add a role to a user
  def add_role(role)
    self.roles << role
  end

  # Remove a role from a user
  def remove_role(role)
    self.roles.delete(role)
  end

  # Clear all users roles
  def clear_roles
    self.roles = []
  end

  private

  def make_default_roles
    clear_roles if roles.nil?
  end
end

And that's it.
The above model gives you options like the following in controllers:
@user = User.first
@user.add_role 'admin'
@user.save!

@user.has_role? 'admin'
=> true

@user.admin?
=> true

@user.remove_role 'admin'
@user.save!

@user.admin?
=> false

Usage
Easy roles extends your model, and adds a few methods needed for basic role authorization.

adding a role to a user
add_role 'role'

removing a role from a user
remove_role 'role'

check to see if a user has a certain role
has_role? 'role'
# or
is_role? # role being anything you like, for example 'is_admin?' or 'is_awesome?'

== Examples

@user = User.first

@user.add_role 'admin'

@user.is_admin?
=> true

@user.has_role? 'admin'
=> true

@user.is_awesome?
=> false

@user.add_role 'awesome'

@user.is_awesome?
=> true

@user.remove_role 'admin'

@user.is_admin?
=> false

etc etc

== Protecting controllers

There are many ways to implement views for specific roles, so I did not specifically supply one. Here's an example of what you could do:

class ApplicationController < ActionController::Base

  def admin_required
    unless current_user && current_user.is_admin?
      flash[:error] = "Sorry, you don't have access to that."
      redirect_to root_url and return false
    end
  end

end

Then in your AdminsController or any controller that you only want admins to view:

class AdminsController < ApplicationController
  before_filter :admin_required
end

class MarksController < ApplicationController
  # :only takes an array when the filter covers more than one action
  before_filter :admin_required, :only => [:create, :update]
end
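
The role methods and the admin_required condition described above, as an added plain-Ruby example that runs without Rails; it is not the easy_roles source or code from the original post. RoleHolder, ALLOWED_ROLES and admin_allowed? are hypothetical names, and the example goes beyond the page's model by normalising role names and rejecting duplicates and unknown roles.

```ruby
# Added example: plain-Ruby stand-in for the role methods, not easy_roles' source.
# RoleHolder, ALLOWED_ROLES and admin_allowed? are hypothetical names.
class RoleHolder
  ALLOWED_ROLES = %w[admin awesome editor].freeze # constructed allowlist

  attr_reader :roles

  def initialize
    @roles = [] # same empty default as the "--- []" column
  end

  # Normalise so :admin, "Admin" and " admin " all name one role.
  def self.normalize(role)
    role.to_s.strip.downcase
  end

  def has_role?(role)
    roles.include?(self.class.normalize(role))
  end

  # Reject unknown names and duplicates instead of appending blindly.
  def add_role(role)
    name = self.class.normalize(role)
    raise ArgumentError, "unknown role: #{name.inspect}" unless ALLOWED_ROLES.include?(name)
    roles << name unless roles.include?(name)
    roles
  end

  def remove_role(role)
    roles.delete(self.class.normalize(role))
  end

  # is_<role>? predicates are resolved dynamically; anything else is a NoMethodError.
  def method_missing(name, *args)
    match = /\Ais_(\w+)\?\z/.match(name.to_s)
    return super unless match && args.empty?
    has_role?(match[1])
  end

  def respond_to_missing?(name, include_private = false)
    name.to_s.match?(/\Ais_\w+\?\z/) || super
  end
end

# Mirrors the admin_required condition: no user, or no admin role, means denied.
def admin_allowed?(user)
  !user.nil? && user.is_admin?
end
```
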

For more information on the implementation, see
http://blog.platform45.com/2009/10/05/howto-basic-roles-for-users
