Ruby on Rails #48 Gem Rolify for assigning user roles - Complete Guide

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Thanks man! Very useful.

👍︎︎ 3 👤︎︎ u/Secretpray 📅︎︎ Aug 25 2021 🗫︎ replies

Hey! That's what I've been looking for!

👍︎︎ 1 👤︎︎ u/harriton 📅︎︎ Aug 25 2021 🗫︎ replies

Captions

and hello so whenever building a reuben rails application at one point of time you will want to add the user roles so you would be able to have an admin role that has some authorization rights you would have possibly an editorial that would have other access rights inside your application and there are actually a lot of different approaches to adding user roles so the easiest ones would be to add a role to the users table you can add like a boolean admin true or false you can add the a string where you can select a user role but maybe the most advanced and the most kind of a swiss army knife so the most versatile approach to adding and managing user roles is the gem rollify so it's really violet popular around the community and it has a lot a lot of [Music] approaches to how you can use this gem and set roles for a global user or set roles for a specific element for example a specific post so now we are going to go through this gem and see how it actually works and how you can use it in really a lot of different ways so first of all we are going to install the gem rollify so here you see i've got an empty ribbon rails application where i just have users that can log in and a list of posts so i'm going to add the roll file to our gem file and now i'm going to run bundle okay i'm reconnecting so i run bundle okay now what's next so i'm going to say rails generate trollify user so now they're going to assign roles to users that's why we said to user if you have admins or super admins you would say rail generate troll admin or admin user anyway we have generated a new model named drill.rb let's have a look at models role dot rb so you see it is polymorphic then we have added a row to user so here we've added rolloffice to our users model and we've added the a migration rollified create roles let's have a look at this migration if we go to db migrate here we have this migration where we actually create two tables a table with roles so all the role names and you see a role can belong to a resource so for example you have two different posts and two different posts you'll have different roles and a table with user roles so a user can have many roles and a role can have many users so it's kind of a has and belongs to many relationships sort of okay and now we're going to run rails be migrate to add these two tables to our database and let's have a look so i go to schema okay let's reload yes see we've added two tables so rows that belong to a resource that can belong to a resource uh that have a name and the well as i said a resource would be for example a post so a role can belong to a post but it doesn't have to and use roles so okay let's go on and yeah so now we can actually already add rows to a user so we can do it easily through the console for example let's say user.count okay we have one user let's say user.first dot add row and we will make the first user and admin okay and we have added the an admin role to the first user let's check if he has this role let's say user first has role admin and we get true let's check if he has a role editor so it is false okay and now how can we check this inside our application so let's go to our server let's start the server rails s and make this visible in a view so for example inside our application html we will see if the current user is an admin current user dot has role admin and like this we will see if the current user is an admin let's see if it works so are you admin true okay it works so like this through the console we assigned an admin role to the user we can also check all the roles available for the current user for example we can say equals current user dot roles let's see what it gives us okay so it gives us an association let's say we want to get the names of the roles so block and the role has a name so let's see and here we see that the current user has a role admin now let's uh log out and create a new user okay and let's see if he has this role so you see he is not an admin and he doesn't have any assigned roles and the relevant has a lot of these methods you can uh check if user has a role you can remove a role and so on so let's make it so that when a user signs up into the application he is assigned a default role and here is an example how we can assign a default role so we would add this to our user model something like uh after create assign default role so after the user is created in the database we give him some kind of default role for example it would be new user whatever if the user doesn't have any roles yet so let's see if this works i will log out and uh create a new user and expectedly i will have this role of new user you see they're just using a really simple callback okay and you see i was assigned the role of new user so looks good and well what if we want to have a list of users and display all the user roles and edit them well let's add a list of all our users first of all so now we don't have a view for users and a controller for this so let's do it we will create a new controller named users controller dot rb and as we did in our post controller we'll just do it with users controller so we will have an index page that will have all the users users equals user dot order or dot all doesn't matter and we don't need any other things from this right now they'll just have an index view and let's go to our roots and add resources for users now going to roots okay we have resources for posts and we'll add the resources for users and now we will add a view so we are going to our views and we'll create a folder users and inside this folder we'll create an index view index dot html dot erb and let's say users dot each do user and statement and we will get some kind of information about the user so we'll say equals user.email and we will add also display the user role so we'll say user dot roles dot block name okay let's see if it works i'll just add an additional break here and we'll navigate to slash users okay so here we see that we have three users in our database and the this user has uh the role new user this user doesn't have any roles and this user has a role of admin so looks good and what if you want to be able to actually edit the roles so we would be able to go to an edit user view and edit the roles well this is also quite easy to do so first of all we will create a new uh file named let's say edit dot html dot erb and here we would add a link to edit so we'll say equals link to edit uh user now let's see i forgot how it is let's go to the roots and see edit so edit user path yeah sure so edit user path add user and yeah the name would be something like edit or edit trolls okay let's see if this path works so we'll go back to slash users and we can go to edit roles or just it is the edit page but you see it is empty it is an empty page at the moment so we would need to actually add the something inside this edit view so the same as we have in post it would be just something like a form we would have a form with model user do form and statement here and we would say something like uh yeah so we would have something like form and then we would have check boxes for all the roles so let's say collection check boxes for roles so it will be role ids multiple then we will get all the roles that we have in that in the application at the moment so let's say roll dot o and we would get the ids of the rows and the names okay and we would need the submit button so we would say equals form dot button submit and possibly we would have an error field so form dot error for roles okay let's see if it works okay so undefined variable user so we would go back to our user's controller and we would also add the def uh edit and here we would get the current user so the same as we do with posts we will find the user by the params so we would go here and say at user equals user find by params id okay let's go here and see okay undefined local variable method user still so we are in edit the let's go back and try to add the add user okay okay so we would say something like at user dot errors for roles and we are going to add a few custom errors later on but let's see now so i'm going back to edit the user okay so at user dot errors now this didn't work let's see user errors for roles okay maybe the square gaps should work yeah actually going back okay so now we don't have any errors so well it is just blank for now we can work on it later so now this current user uh doesn't seem to have any rules let's just go back to users and see so we will edit the roles of this user of this one so x at x i'll go to edit trolls and you see he has a role of new user and i will let's say remove the role of new user and add an admin role for him okay and the action update could not be found so we should add an update action inside our user's controller so again similarly to the way we have it in our post controller it's just a regular update action so we will go to our user controller and add this update action we will also need to find the user so let's say user find params id we would say user dot update user params redirect to user or to users url notice a user was successfully updated or render edit looks fine and we would actually need to define these user params so how do we do this again go into our posts we will add a private method where we're going to add the user params so go in here we will add a private method named user params and what are we going to permit well a user can have multiple roles so they're going to permit role ids we would say uh like gaps like this role ids and square braces so that they permit many okay and this should kind of work let's just see i'm going back i will resubmit the form okay so params is missing yeah it should be user of course that's the problem of copy pasting so going back i will resubmit the form and it seems to have worked so i've added the role admin to this user you see he has a role of admin i'll go to the other user i will add the role of admin and new user submit and you see we've successfully updated the roles of this other user now what if we go to this user and try to remove all the roles i will go to submit and you see the user doesn't have any roles so looks good but usually if we want to add some kind of validation that there shouldn't be a user without any roles inside your application so we would add this inside our user dot rb let's go here and we would add some kind of validation we would say validates must have a role and we will make this validation then updating the user not when trading because when creating we don't have a role we assign a role after creating so we would say on update and now we will add this method must have a rule and we will actually move this both into private methods so we would say def must have a row and we would say so unless rolls any so if the user doesn't have any roles they're going to render an error so we would say errors dot add on the rolls uh column inside our form so you see inside our user's edit form we've we want to find the errors for roles so we would add the error on rows and we would add a message like uh must have at least one role okay and let's see if this kind of custom validation works so going back i will okay you must supply at least one validation yeah maybe it shouldn't be in private let's try once again okay must have a role you need to supply at least one validation maybe we should say valid date because it is a custom validation let's see okay so now it should work i'll move this back into private and let's see so i will try to let's say edit this user roles i will take away his owner role and submit and you see we get this error must have at least one draw so the error messages kind of work correctly and now i will provide control submit and it works i will go to this user that doesn't have any roles try to submit and you see we get this must have at least one draw so our new validation works it's all good but now we'll go deeper into understanding how this gem works so you see this jump is not for just setting roles on a user you can actually set roles on a specific resource like a post or a forum so for example you can make one user and manager of a group you can make another user an editor of the group another user moderator you can make a few users have different roles on a specific post but not have the same roles on another post and this is where you have the magic of roller five this is like the cool thing and the the strong feature of roller fie you don't just set roles on a user you can do that without using the jump but you can set roles uh for specific posts of specific comments or whatever so if we go back into this gem documentation we can find the something like resourcefire let's see so uh we can resourcefy a post and let's see how it would work i would go to post and i would say resourcify and what would it mean it means that we can set a user to have a specific role for this specific post so how would it work let's actually make it so that when a user creates a post now at the moment if you don't have any associations between users and polls we just don't and the post doesn't have a user id but we'll make it so that when a user creates a post he will be assigned a role of a creator of this specific post so how we're going to do it we'll go to our posts controller and here then we create the post after creating the post so if the post is saved we will take the current user and add a role let's say creator for this specific post and let's see if it works so i will go and create a new post post 11 whatever create the post and the user should have the current user should have been assigned a role of created to this post so it would actually want some kind of way to see all the users that have some kind of role on a post or the users that have a specific role on the post like all the users that are creators of a post all the users that have any role on the post so we can actually also find it here we would go to the vic key [Music] and we would add an association between users and posts so we would go to our post and add an association that a post has many users or has many creators so go into post.rb we would after sourcify say has many users for example okay let's start with just users and this way we'll get all the users that have any kind of role on the specific post so now going to our posts index we can display the users associated with this specific post okay let's say after the content will have a list of users and we would say post dot users you see we've added this association has many users through roles so we would say post dot users dot block email okay now i'm refreshing and we see no other posts have any associations with users but this specific post that we've just created uh after creating the post the current user was assigned a role of creator for this specific post so you see it is kind of really really versatile now we can also for example assign a role of editor to anybody who edits any post let's go and try to do this so if a user updates a post he will be assigned a role of editor so let's go and edit some kind of post i will change some text now go to posts and we see this user has another role for this post now let's go and edit the first post let's add some content okay i'm reconnecting yeah that's the problem of working in a cloud environment so i will resubmit okay and let's go back to posts and you see the current user has two different roles for this one post now you wouldn't want to see all the roles uh duplicated so we would say something like distinct pose.users.distinct so we don't get the same user device for the same post but we can also display not just all the users associated with this post but all the users associated through a specific role so as in this example a post can have many creators where the roles uh well the role name equals uh creator through roles and now we can get an association to all the users that have the creator role for this specific post so it would say post dot creators and here would also say creators okay now going back okay you see we see only the users that have the creator role on this specific post and this again is the magic and the power feature of rollify that you can set a role for a specific resource and the same way as we added the creators we can add the a list of editors so users that have the editor role on this post so here would say editors here again editors and go into pose.rb it would have has many editors where the role name includes editor okay and let's see okay undefined editors yeah i made a small typo here okay so here you see these specific posts have a role editor on them so looks good and the same way as we did with posts we can see inside our users which uh posts are associated with this specific user so for example they can go to our users.ob and say has many posts so we would go to user.rb and say user has many posts through roles and source type will be post okay and now let's go to our users view and see which posts are associated with this user so let's say equals user dot posts dot block let's say id and here are the ids of the post that the user is somewhat associated with and we can get the same way which both a user is an editor for and which posts a user is a creator for so we would say a user dot let's say created both and user doctor edited both let's say editor and creator like the names of the roles okay and go into our user ob we would add some additional uh has many relationships so here as in the example they have has many moderated forums would say has many uh creator posts their roles has name of crater on the source type post create all and the same with editor and here editor okay and now going back to our uh index of users we can see all the posts where the user has an editor role and a greater role okay so here for this post for the post with id 11 a user has a creator role and for the posts 10 and 11 the user has an editor role so that's uh it and you see there are a lot a lot of different kind of functions uh calls that you can do with realify so you can see all the roles that uh posts have you can see all the roles that users have uh you can find a user by a role you can find which roles a user has and so on so it's a really versatile swiss army knife solution you can set global roles like admin or editor and so on and you can set the roles per specific resource so per specific post so that's basically the power of realify and have fun implementing it in your application it's basically quite straightforward and that's it so bye

Info

Channel: SupeRails

Views: 1,756

Rating: undefined out of 5

Keywords: ruby, rails, ruby on rails, tutorial, programming

Id: URDKxGn0pxo

Channel Id: undefined

Length: 29min 24sec (1764 seconds)

Published: Fri Jul 30 2021