Software/rails/devise + permission management


Public memo

This is apparently the standard setup for user and permission management.

devise setup

Reference: http://easyramble.com/check-list-for-rails-devise.html

Installing the gems

Reference: https://qiita.com/iamdaisuke/items/79d60b3c23e465ae6460

Gemfile

+ gem 'devise'
+ gem 'devise-i18n'
+ gem 'rails-i18n'

LANG:console
$ bundle install
$ spring stop
$ rails g devise:install
       create  config/initializers/devise.rb
       create  config/locales/devise.en.yml
 ===============================================================================

 Some setup you must do manually if you haven't yet:
 
   1. Ensure you have defined default url options in your environments files. Here
      is an example of default_url_options appropriate for a development environment
      in config/environments/development.rb:
  
        config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
  
      In production, :host should be set to the actual host of your application.
  
   2. Ensure you have defined root_url to *something* in your config/routes.rb.
      For example:

        root to: "home#index"

   3. Ensure you have flash messages in app/views/layouts/application.html.erb.
      For example:

     <%= notice %>
     <%= alert %>
  
   4. You can copy Devise views (for customization) to your app by running:

      rails g devise:views

 ===============================================================================
$ rails g devise user
$ rake db:migrate

If the gems with i18n in their names are not installed, you get the error

MissingTranslationData in Devise::Registrations#new

which blocks the sign-up page.

References:
http://jewelrybox.wpblog.jp/2017/09/05/active_admin%e3%81%a7%e3%81%ae-i18nmissingtranslationdata-%e3%81%ae%e3%82%a8%e3%83%a9%e3%83%bc%e3%81%ae%e5%af%be%e5%87%a6/
http://jewelrybox.wpblog.jp/2017/08/08/devise%E5%B0%8E%E5%85%A5%E3%81%A8%E6%97%A5%E6%9C%AC%E8%AA%9E%E5%8C%96-rails/
https://github.com/tigrish/devise-i18n

Unless you run spring stop first, rails g devise:install never returns.

Reference: http://ohara.geniusroots.com/entry/2017/03/26/145253

Adding a user name

Reference: http://easyramble.com/add-field-devise-signup-form.html

LANG:console
$ rails generate migration AddNameToUsers name:string
$ jed db/migrate/***_add_name_to_users.rb
 class AddNameToUsers < ActiveRecord::Migration
   def change
     add_column :users, :name, :string, null: false, default: ''
     add_index :users, :name, unique: true # ← as needed
   end
 end
$ bundle exec rake db:migrate
$ rails g devise:i18n:views

app/views/devise/registrations/new.html.erb
app/views/devise/registrations/edit.html.erb

LANG:erb
+    <div class="field">
+      <%= f.label :name %><br />
+      <%= f.text_field :name %>
+    </div>

app/controllers/application_controller.rb

LANG:ruby
  class ApplicationController < ActionController::Base
+   before_action :configure_permitted_parameters, if: :devise_controller?
   
  protected
   
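+     # Devise 4 and later use permit; the older for(:sign_up) << :name form is from Devise 3.
+     def configure_permitted_parameters
+       devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
+       # The edit form also gained the name field, so permit it there too.
+       devise_parameter_sanitizer.permit(:account_update, keys: [:name])
+     end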
  end

app/models/user.rb

LANG:ruby
  class User < ActiveRecord::Base
    ...
+   validates :name, length: { minimum: 3, maximum: 50 }
    ...
  end

You can now open http://localhost:3000/users/sign_up and register.

cancancan setup

Gemfile

+ gem 'cancancan'

LANG:console
$ rails g cancan:ability

rails_admin setup

Gemfile

+ gem 'rails_admin'

LANG:console
$ rails g rails_admin:install
          ?  Where do you want to mount rails_admin? Press <enter> for [admin] >

Uncomment the following part of config/initializers/rails_admin.rb

 # == Devise ==
 config.authenticate_with do
   warden.authenticate! scope: :user
 end
 config.current_user_method(&:current_user)
 # == Cancan ==
 config.authorize_with :cancan

Setting up administrator privileges

app/models/ability.rb

  class Ability
    include CanCan::Ability

    def initialize(user)
+     if user && user.id == 1
+       can :access, :rails_admin
+       can :manage, :all
+     end
    end
  end
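
An added example, not part of the original memo: `user.id == 1` makes whichever account holds primary key 1 the administrator, so this variant of `Ability` keys the same two rules on an explicit flag instead. The `admin` column, `SampleUser` and `admin_access?` are assumptions for illustration, and the small `CanCan::Ability` stand-in exists only so the file runs without the gem.

```ruby
# Stand-in used only when the cancancan gem is not loaded, so this file runs
# on its own. It covers just the can / can? calls made below.
unless defined?(CanCan::Ability)
  module CanCan
    module Ability
      def can(action, subject)
        (@rules ||= []) << [action, subject]
      end

      def can?(action, subject)
        (@rules || []).any? do |a, s|
          (a == :manage || a == action) && (s == :all || s == subject)
        end
      end
    end
  end
end

# Assumption: users has a boolean column, added with
#   add_column :users, :admin, :boolean, null: false, default: false
# and :admin is never passed to devise_parameter_sanitizer.permit, so the
# sign-up and account-edit forms cannot set it.
class Ability
  include CanCan::Ability

  def initialize(user)
    # nil (not signed in) and ordinary users receive no rules at all
    return unless user&.admin

    can :access, :rails_admin
    can :manage, :all
  end
end

# Constructed sample data; a Struct stands in for the ActiveRecord User model.
SampleUser = Struct.new(:id, :name, :admin)
FIRST_SIGNUP = SampleUser.new(1, 'first', false) # holds id 1, not flagged
OPERATOR     = SampleUser.new(7, 'ops', true)    # flagged by an operator

# Hypothetical helper: checks the same :access / :rails_admin pair granted above.
def admin_access?(user)
  Ability.new(user).can?(:access, :rails_admin)
end
```

The flag would be set from the Rails console or a seed script by someone with database access, never through a web form.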
