Routes in Rails SAML IdP - ruby-on-rails-4

I'm trying to get this gem to work with Rails 4 application that will serve as a SAML identity provider.
The thing that is confusing me is the routes and the template I assume should be rendered. In the gem controller, there is this:
def new
render template: "saml_idp/idp/new"
end
My routes are just the basic setup from the example, which I assume should match the action in my custom controller that inherits from the gem controller.
I have this in my controller.
class SamlIdpController < SamlIdp::IdpController
def idp_authenticate(email, password)
true
end
def idp_make_saml_response(user)
encode_SAMLResponse("you#example.com")
end
end
And my routes.rb file:
get '/saml/auth' => 'saml_idp#new'
get '/saml/metadata' => 'saml_idp#show'
So, what am I missing here? There should be a view rendered, instead I'm getting No Route Matches errors. Thanks.

As per Doc, I think you missed including SamlIdp::IdpController module
please include SamlIdp::IdpController rather than excluding.
Hope, It will work.

The new update for saml_idp gem wants to include SamlIdp::Controller as a module. And the controller class can inherit from ApplicationController
In your case it will be:
class SamlIdpController < ApplicationController
include SamlIdp::Controller
end

Related

generated path does not match custom route?

(Rails 4.2)
I have a miss-match of routes that's in the routes.rb file vs the generated from my page. What is it I am doing wrong?
This is the raked route I want to access :
see_hint_deck_card_tracker GET /decks/:deck_id/cards/:card_id/trackers/:id/see_hint(.:format) trackers#see_hint
I am actually taken to what I think is the correct url, but it tells me I don't have a route for this page:
http://localhost:3000/decks/9/cards/2/trackers/1/see_hint
I have the following routes:
resources :decks do
resources :cards do
resources :trackers do
member do
get 'see_hint'
end
end
end
end
app/controllers/tracker_controller.rb :
class TrackerController < ApplicationController
def show_hint
puts 'we found this'
end
end
inside my /decks/:id/cards/:id/show I have this link_to: (get_tracker, calls for a helper method to get the correct tracker)
<%= link_to "Reveal Hint", see_hint_deck_card_tracker_path(#card.deck, #card, get_tracker), id: "reveal_hint_button" %>
I think your error message is probably telling you you don't have a Controller for that route, not that the Route is missing. This is because you're using the plural resources in your routes.rb, but your controller name is singular:
# Your Code:
resources :trackers
controller TrackerController
# Expected Code:
resources :trackers
controller TrackersController
^^^
You'll also want to make sure your controller is available at app/controllers/trackers_controller.rb (note the plurality).

Routing to Controller in ActiveAdmin 1.0.0

rake routes gives the output
POST /admin/users(.:format) admin/users/new
But where is the new action executed? The /admin/user is the registered resource. There are no actions. However creating a new user through the standard AA form puts my user in the database but which controller is used?
UPDATE:
I want to create a new user using ActiveAdmin with a password and store the hashed password using devise. The new action works in my normal user controller which i test through rails console
#user=User.create(params.permit(:name, :phone, :active, :password_digest
#user.password = Devise.friendly_token
So far i hacked the action in the AA user.rb resource like this:(basically the same statements encapsulated in controller do...)
controller do
def new
#user.password = Devise.friendly_token
#user=User.create(params.permit(:name, :phone, :active, :password_digest
The Issue i have now it that the user gets saved in my db but with an unshashed password.(?)
The live demo and the documentation are a bit short on detailed information or examples on this issue.
ActiveAdmin uses inherited resources gem for the default controller actions. If you want to overwrite the new controller action, you can overwrite it in your activeadmin resource code like so:
ActiveAdmin.register User do
controller do
def new
super #use the default methods and response block
#user.activate! #if you want to add some methods
end
end
end
The ActiveAdmin Gem creates a Admin::UsersController on the fly, based on the configuration of you admin/user.rb

Rails engines : Controller inheritance and routes

I have an engine and in my main app, I have controllers inheriting some engine's controllers.
class UsersController < MyEngine::UsersController
end
How to force my engine to use the sub-controllers without having to recreate all my routes in my main app?
---- with decorators (JensD's solution):
I added to my engine.rb file
config.to_prepare do
Dir.glob(Rails.root + "app/decorators/**/my_engine/*_decorator*.rb").each do |c|
require_dependency(c)
end
end
and the decorator
MyEngine::MyController.class_eval do
end
But super is not possible...
A solution would be to create a sub-controller in my engine and use decorator on it but it seems strange...
I prefer to use this gem for decorators instead of require_dependency:
https://github.com/EPI-USE-Labs/activesupport-decorators
With this gem or your require_dependency you can use:
alias_method :super_index, :index
def index
...
super_index
end

Serve a file from public in a controller action

In my project, we have a single-page application, and our build process compiles the application into a single, static file at public/index.html.
The single-page application is responsible for handling all the routing in the app, so no matter whether you visit site.com or site.com/foo/bar/action or site.com/☃, I want the Rails application to serve public/index.html
I have this route:
match '*path', to: 'foo#index', via: :all
And in FooController:
class FooController < ApplicationController
def index
render 'index.html', layout: false
end
end
This does not work as I would hope; I get the error Missing template foo/index.html, application/index.html
Is it possible to serve an assets from public as part of a Rails controller action?
In Rails 5 I got this to work by doing
render file: "public/examplename.html", layout: false
This was way easier than I thought it would be.
I changed:
render 'index.html', layout: false
to
render 'public/index.html', layout: false
and everything worked as expected.
This appears to have changed. I'm trying to temporarily render a static file for the admin portion of my app, which will be a VueJS SPA that talks to rails via an API. I had to do the following:
routes.rb
match '*path', :to => 'console#index', :constraints => { :subdomain=>'console'}, :via=>:all
console_controller.rb
class ConsoleController < ApplicationController
def index
render :file=>'/public/console/index.html', :layout=>false
end
end
So using :file instead of no parameter on the path - because otherwise Rails 5 was trying to treat it like a normal view template.
With that path matching and a subdomain, this seems to work well, as all routes will pass through to the VueJS router.

pundit policies with namespaces

I have Question model in my application.
app/models/question.rb
class Question < ActiveRecord::Base
...
end
I'm using 'pundit' gem for authorization. There are two controllers to do some changes in questions: one for registered user, one for admin.
I'm trying to create separate policies for controllers.
app/controllers/questions_controller.rb
class QuestionsController < ApplicationController
...
end
app/policies/question_policy.rb
class QuestionPolicy < ApplicationPolicy
...
end
app/controllers/admin/questions_controller.rb
class Admin::QuestionsController < Admin::ApplicationController
...
end
app/policies/admin/question_policy.rb
class Admin::QuestionPolicy < Admin::ApplicationPolicy
...
end
When I'm trying to use 'authorize' method in Admin::QuestionsController it uses app/policies/question_policy.rb class not from admin folder.
Gem's documentation says that is should work like I described above (https://github.com/elabs/pundit#namespaced-policies).
Can somebody help me with that?
I was trying to get separated policies for the main app and the ActiveAdmin and ended up with a working solution by creating a customized PunditAdapter to be used in config/initializers/active_admin.rb
class NamespacedPunditAdapter < ActiveAdmin::PunditAdapter
def get_policy(subject, user, resource)
"ActiveAdmin::#{subject}Policy".constantize.new(user, resource)
end
def retrieve_policy(subject)
case subject
when nil then get_policy(subject, user, resource)
when Class then get_policy(subject, user, subject.new)
else
if subject.class.to_s.split('::')[0] == 'ActiveAdmin'
Pundit.policy!(user, subject)
else
get_policy(subject.class, user, subject)
end
end
end
def scope_collection(collection, _action = Auth::READ)
return collection if collection.class != Class
scope = "ActiveAdmin::#{collection}Policy::Scope".constantize
scope.new(user, collection).resolve
rescue Pundit::NotDefinedError => e
if default_policy_class && default_policy_class.const_defined?(:Scope)
default_policy_class::Scope.new(user, collection).resolve
else
raise e
end
end
end
Another option would be to use an ActiveSupport::Concern as pointed out here
I've created issue in github source code and it was closed with such explanation:
The docs refer to the currently unreleased master branch. You can use it by referring to the github source in your Gemfile.
# Gemfile
gem 'pundit', github: 'elabs/pundit'
A bundle install later your code should work.
You can switch back to a released version on Rubygems as soon as 0.3.0 is out. We're still discussing a few namespacing issues, but it will come soon.
If anyone is still looking for this functionality, I needed it as well for splitting up authorizations between ActiveAdmin and my end-user facing site. I built a Pundit compatible gem for controller-based namespaced authorizations (your policies will work), and I plan to follow any features released for pundit. It also includes an ActiveAdmin adapter.