1

I have only just jumped on the Rails in the last few months and have run into my first real snag in my current project which I have been unable to find an answer for.

My aim is to implement some fine grained control over which user role(s)/group(s), generated from Rolify and controlled by Pundit, have access to a particular category, subcategory or article via the Upmin admin console. A category/article should be capable of allowing more than one user role/group access to its contents.

The answer here demonstrates scoping a role to a particular instance of a model, which is nice, but I would also like to have that control from the model instance via a simple checkbox form in my applications admin console (Upmin_admin for those interested).

Am I right in thinking that there isn't too much to produce this functionality, other than creating a category/article instance view partial in the admin console which lists all of the roles/groups and their current CRUD settings for that particular category/article instance. Or am I missing a few intermediary steps?

A nudge in the right direction would be greatly appreciated. Thanks!

Some background of my app:

In my web application I have nested resources, categories, articles and comments like so: 

resources :categories do
  resources :articles do
    resources :microposts, only: [:new, :create, :edit, :destroy
  end
end

(I am aware it is not best practice to have nested resources deeper than one level, however I've only just jumped on the Rails train and :shallow = true wasn't delivering the results I was looking for.)

The categories act as nested sets courtesy of Awesome Nested Set and are capable of "holding" both categories and articles (and by extension comments).

Users are authenticated via an LDAP server using Devise - I will be configuring this in the near future to automatically allot a user to the correct group/role.

Community
  • 1
  • 1
Darragh
  • 19
  • 1
  • 6

1 Answers1

0

From re-reading the Rolify documentation I have come up with the beginnings of the solution to my problem.

Whenever a user creates a category, subcategory or article I'll run 

user.add_role :current_role Model.Instance_id

which I can then query from the admin portal by getting the instances id. Then by querying all of the user roles within the system and comparing them against the instances associated roles, I can create the view partial for the admin console.

model_instance = Model.find(instance_id)
model_instance.roles #returns all of the roles associated with that instance

I would also need to create a few methods to handle the (mass)assignment/reassignment of roles so that when a checkbox is (de)selected that the expected result is achieved, such as adding a role/group to a instance and vice versa. Probably something along the lines of (ruby flavoured pseudocode to follow!!)

users = User.with_any_role(:some_role)

def assignRoleToModel(model_instance, users, role)
  if model_instance.roles.empty?
    users.each { |u| u.add_role creatorRole model_instance }
  end
  flash[:warning] = "#{Model_instance.name} already has that role assigned to it!"
end

where model_instance is the instance of the model I want to control group/role access to, users is a list of users who have the role I want to add to the model_instance and role is the role I wish to allow access to the model_instance.

Update

An example of how to control roles via a form https://github.com/RolifyCommunity/rolify/issues/246

Darragh
  • 19
  • 1
  • 6