Doorkeeper: How to know when a grant is created? - ruby-on-rails-4

I would like to create a membership record when a user grants access to an app.
Does Doorkeeper have any event?

My solution was to use a rails observer:
Gemfile:
gem 'rails-observers'
app/models/doorkeeper/access_token_observer.rb:
class Doorkeeper::AccessTokenObserver < ActiveRecord::Observer
  def after_create(access_token)
    # do stuff with:
    # access_token.application_id
    # access_token.resource_owner_id
  end
end
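
An added example (not part of the original answer, and not Doorkeeper code) of what the after_create callback has to tolerate: Doorkeeper writes a new access token row on every re-authorization and refresh, and client-credentials tokens carry no resource_owner_id, so the membership write should be idempotent and skip ownerless tokens. GrantMembership, the Token struct and the in-memory store are hypothetical stand-ins for the app's own models.

```ruby
# Added example; GrantMembership, Token and the Set-based store are
# hypothetical stand-ins, not Doorkeeper or application code.
require 'set'

module GrantMembership
  # Returns true when a new membership was recorded, false otherwise.
  def self.record(store, access_token)
    owner = access_token.resource_owner_id
    # Client-credentials tokens have no resource owner: nothing to join.
    return false if owner.nil?

    # A refresh or a repeated authorization creates another token row for
    # the same (application, owner) pair, so the write must be idempotent.
    # Set#add? returns nil when the element is already present.
    !store.add?([access_token.application_id, owner]).nil?
  end
end

# Constructed sample tokens exposing the two attributes the observer reads.
Token = Struct.new(:application_id, :resource_owner_id)

def replay_sample_tokens
  store = Set.new
  tokens = [
    Token.new(1, 42),  # first grant for app 1
    Token.new(1, 42),  # refreshed token, same pair
    Token.new(1, nil), # client-credentials token, no owner
    Token.new(2, 42)   # same user grants a second app
  ]
  results = tokens.map { |t| GrantMembership.record(store, t) }
  [results, store.to_a]
end
```

Inside the observer the same rule maps to a find_or_create_by on the app's membership model (a hypothetical Membership here), backed by a unique index on the application and user pair.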

Related

Routes in Rails SAML IdP

I'm trying to get this gem to work with a Rails 4 application that will serve as a SAML identity provider.
The thing that is confusing me is the routes and the template I assume should be rendered. In the gem controller, there is this:
def new
  render template: "saml_idp/idp/new"
end
My routes are just the basic setup from the example, which I assume should match the action in my custom controller that inherits from the gem controller.
I have this in my controller.
class SamlIdpController < SamlIdp::IdpController
  def idp_authenticate(email, password)
    true
  end

  def idp_make_saml_response(user)
    encode_SAMLResponse("you@example.com")
  end
end
And my routes.rb file:
get '/saml/auth' => 'saml_idp#new'
get '/saml/metadata' => 'saml_idp#show'
So, what am I missing here? There should be a view rendered, instead I'm getting No Route Matches errors. Thanks.
As per the docs, I think you missed including the SamlIdp::IdpController module.
Please include SamlIdp::IdpController rather than excluding it.
Hope it will work.
The new update for the saml_idp gem wants you to include SamlIdp::Controller as a module, and the controller class can inherit from ApplicationController.
In your case it will be:
class SamlIdpController < ApplicationController
  include SamlIdp::Controller
end

Routing to Controller in ActiveAdmin 1.0.0

rake routes gives the output
POST /admin/users(.:format) admin/users/new
But where is the new action executed? The /admin/user is the registered resource. There are no actions. However creating a new user through the standard AA form puts my user in the database but which controller is used?
UPDATE:
I want to create a new user using ActiveAdmin with a password and store the hashed password using devise. The new action works in my normal user controller, which I test through the rails console
@user = User.create(params.permit(:name, :phone, :active, :password_digest))
@user.password = Devise.friendly_token
So far I hacked the action in the AA user.rb resource like this: (basically the same statements encapsulated in controller do...)
controller do
  def new
    @user.password = Devise.friendly_token
    @user = User.create(params.permit(:name, :phone, :active, :password_digest))
  end
end
The issue I have now is that the user gets saved in my db but with an unhashed password.(?)
The live demo and the documentation are a bit short on detailed information or examples on this issue.
ActiveAdmin uses inherited resources gem for the default controller actions. If you want to overwrite the new controller action, you can overwrite it in your activeadmin resource code like so:
ActiveAdmin.register User do
  controller do
    def new
      super # use the default methods and response block
      @user.activate! # if you want to add some methods
    end
  end
end
The ActiveAdmin gem creates an Admin::UsersController on the fly, based on the configuration of your admin/user.rb.

cancancan gem passing params to ability

I am using the cancancan and activeadmin gems in my application; in the cancan gem I want to pass the params to the ability.
controller.rb
controller do
  def scoped_collection
    end_of_association_chain.accessible_by(current_ability, params[:project_id]) # passing params
  end
end
ability.rb
if ((user.has_role? :LA_Tracker_Manager) && (user.has_application? :LA_Tracker))
  can :manage, Job, project_id: params[:project_id] # getting the params here
end
if (user.has_role? :LA_Tracker_Analyst)
  can [:read, :update], Job, employee_id: user.employee.id
end
The above code is not working. How can I achieve this?

Rails Admin actions in model

I have a sensitive civic involvement Rails app. In its Rails Admin I have disabled the delete and bulk_delete actions.
In rails_admin.rb I have something like
RailsAdmin.config do |config|
  config.actions do
    dashboard # mandatory
    index # mandatory
    new
    export
    show
    edit
    # delete
    # bulk_delete
  end
end
How can I override this behaviour for specific models, for example, SitePosts? I have tried using the "rails_admin do" block in the model, but it is not working obviously.
rails_admin do
  configure :site_post do
    actions do
      new
      show
      edit
      delete
    end
  end
end
You can use the only method for enabling actions for specific models. For instance, in your rails_admin.rb:
config.actions do
  dashboard # mandatory
  index # mandatory
  new
  delete do
    only SitePost
  end
end
The only and except methods are documented in the wiki under Base action.

pundit policies with namespaces

I have Question model in my application.
app/models/question.rb
class Question < ActiveRecord::Base
  ...
end
I'm using 'pundit' gem for authorization. There are two controllers to do some changes in questions: one for registered user, one for admin.
I'm trying to create separate policies for controllers.
app/controllers/questions_controller.rb
class QuestionsController < ApplicationController
  ...
end
app/policies/question_policy.rb
class QuestionPolicy < ApplicationPolicy
  ...
end
app/controllers/admin/questions_controller.rb
class Admin::QuestionsController < Admin::ApplicationController
  ...
end
app/policies/admin/question_policy.rb
class Admin::QuestionPolicy < Admin::ApplicationPolicy
  ...
end
When I try to use the 'authorize' method in Admin::QuestionsController, it uses the app/policies/question_policy.rb class, not the one from the admin folder.
The gem's documentation says that it should work like I described above (https://github.com/elabs/pundit#namespaced-policies).
Can somebody help me with that?
I was trying to get separated policies for the main app and the ActiveAdmin and ended up with a working solution by creating a customized PunditAdapter to be used in config/initializers/active_admin.rb
class NamespacedPunditAdapter < ActiveAdmin::PunditAdapter
  def get_policy(subject, user, resource)
    "ActiveAdmin::#{subject}Policy".constantize.new(user, resource)
  end

  def retrieve_policy(subject)
    case subject
    when nil then get_policy(subject, user, resource)
    when Class then get_policy(subject, user, subject.new)
    else
      if subject.class.to_s.split('::')[0] == 'ActiveAdmin'
        Pundit.policy!(user, subject)
      else
        get_policy(subject.class, user, subject)
      end
    end
  end

  def scope_collection(collection, _action = Auth::READ)
    return collection if collection.class != Class
    scope = "ActiveAdmin::#{collection}Policy::Scope".constantize
    scope.new(user, collection).resolve
  rescue Pundit::NotDefinedError => e
    if default_policy_class && default_policy_class.const_defined?(:Scope)
      default_policy_class::Scope.new(user, collection).resolve
    else
      raise e
    end
  end
end
Another option would be to use an ActiveSupport::Concern as pointed out here
I've created an issue in the GitHub source code and it was closed with this explanation:
The docs refer to the currently unreleased master branch. You can use it by referring to the github source in your Gemfile.
# Gemfile
gem 'pundit', github: 'elabs/pundit'
A bundle install later your code should work.
You can switch back to a released version on Rubygems as soon as 0.3.0 is out. We're still discussing a few namespacing issues, but it will come soon.
If anyone is still looking for this functionality, I needed it as well for splitting up authorizations between ActiveAdmin and my end-user facing site. I built a Pundit compatible gem for controller-based namespaced authorizations (your policies will work), and I plan to follow any features released for pundit. It also includes an ActiveAdmin adapter.
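
An added example, not part of the original answers and not Pundit's code: a namespace-scoped policy lookup in plain Ruby that refuses to fall back to the top-level policy when the admin one is missing, which is the failure the question describes (an admin controller being authorized by the end-user policy). User, Question, Answer and every policy class are constructed for the example.

```ruby
# Added example in plain Ruby, not Pundit code; all classes are constructed.
class PolicyNotDefined < StandardError; end

User     = Struct.new(:admin)
Question = Struct.new(:title)
Answer   = Struct.new(:body)

class BasePolicy
  def initialize(user, record)
    @user = user
    @record = record
  end
end

class QuestionPolicy < BasePolicy
  def update?; true; end          # end-user rule
end

class AnswerPolicy < BasePolicy   # has no Admin:: counterpart
  def update?; true; end
end

module Admin
  class QuestionPolicy < BasePolicy
    def update?; @user.admin; end # stricter admin-area rule
  end
end

# Resolve "<namespace>::<Model>Policy" inside the namespace only.
def namespaced_policy(namespace, user, record)
  name = "#{record.class.name}Policy"
  # inherit = false: a plain const_get on a module also searches Object,
  # so a missing Admin::AnswerPolicy would resolve to ::AnswerPolicy.
  unless namespace.const_defined?(name, false)
    raise PolicyNotDefined, "#{namespace}::#{name} is not defined"
  end
  namespace.const_get(name, false).new(user, record)
end

def policy_lookup_demo
  member = User.new(false)
  strict = begin
    namespaced_policy(Admin, member, Answer.new("a")).update?
  rescue PolicyNotDefined
    :denied
  end
  { admin_area_member: namespaced_policy(Admin, member, Question.new("q")).update?,
    loose_fallback: Admin.const_get("AnswerPolicy").new(member, nil).update?,
    strict_lookup: strict }
end
```

The loose_fallback entry shows the unsafe outcome: the default constant lookup hands the admin area the permissive end-user policy, while the strict lookup fails closed.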