Snapuser

A rails engine to add a simple authentification and permission system.

Installation

Add this line to your application's Gemfile:

gem 'snapuser'

And then execute:

$ bundle

In order to run the engine's migrations:

$ rake db:migrate

Usage

The gem provides two methods to securize your controllers and your views.

Use authorize_level(level) to prevent access to an action from a certain user level. In this example, only the users with a level 3 or higher can visit these pages.

class Admin::EventsController < Admin::BaseController
  before_action { |c| c.authorize_level(3) }

  def index
    @events = Event.all
  end

  def new
    @event = Event.new
  end

  def create
    ...
  end

end

Use authorize_level?(level) to know if a user is authorized compared to a given level.

<%= link_to "Add an event", new_event_path if authorize_level?(3) %>

Finally, if you just want that a user is connected, use the first method and pass the lowest level.

The plugin also provides few methods that can be useful:

  • current_user: return the connected user, or otherwise nil
  • signed_in?: check if a user is connected

The following URL are reserved by the plugin:

  • /login, login_path
  • /user/edit, user_edit_path
  • /user/update, user_update_path
  • /signout, signout_path
  • /sessions, sessions_path
  • resources /admin/users, admin_users_path

Configuration

Create an custom initializer to put your configuration.

You can configure the different permission's levels. Set Snapuser.levels with an hash:

# initializers/snapuser.rb

Snapuser.levels = {"superadmin" => "1", "admin" => "2", "author" => "3", "member" => "4"}

By default, the levels are {"superadmin" => "1", "admin" => "2"}.

Set Snapuser.superuser_level to configure from which level the users are allowed to edit the other users. By default, the superuser level is 1.

Set Snapuser.can_edit to configure from which level a user is allowed to edit his information (username and password).

Set Snapuser.redirect_url to configure where the user is redirected after a successful login. By default, "/profile".

Set Snapuser.layout to configure which layout is used in the admin views, when you edit a user for instance. By default, "admin".