Sure, have a look to the login generator (gem install login_generator) -, then script/generate It''s very easy to use. -- Posted via http://www.ruby-forum.com/.
Christophe Gimenez wrote:> Sure, have a look to the login generator (gem install login_generator) > -, then script/generate > > It''s very easy to use.I tried that out, however it is exposed itself, allowing anyone to register and therefore be an admin (if I use it that way). What I''m trying to figure out is how to build in logic so that all the CRUD methods are gated. -- Posted via http://www.ruby-forum.com/.
You can remove signup logic in controller. You must see the login_generator as a tool to produce a skekelton with basic functionnalities, but it''s very clean and can easily tailored to suit your needs. -- Posted via http://www.ruby-forum.com/.
I''m pretty happy with the login_engine/user_engine combo. LoginEngine provides the basic signup, login and password recovery functions and UserEngine adds simple role-based access control that you can tune down to single actions. My baseline user privileges are pretty much identical to a guest''s. Only those who have explicitly been assigned other roles have any privileges on protected controllers. Shut off new-account signup entirely -- or restrict it to admins -- and you should be all set if that''s what you want. Arch Stanton wrote:> Christophe Gimenez wrote: >> Sure, have a look to the login generator (gem install login_generator) >> -, then script/generate >> >> It''s very easy to use. > > I tried that out, however it is exposed itself, allowing anyone to > register and therefore be an admin (if I use it that way). > > What I''m trying to figure out is how to build in logic so that all the > CRUD methods are gated.-- Posted via http://www.ruby-forum.com/.
Steve Koppelman wrote:> I''m pretty happy with the login_engine/user_engine combo. LoginEngine > provides the basic signup, login and password recovery functions and > UserEngine adds simple role-based access control that you can tune down > to single actions. My baseline user privileges are pretty much identical > to a guest''s. Only those who have explicitly been assigned other roles > have any privileges on protected controllers. > > Shut off new-account signup entirely -- or restrict it to admins -- and > you should be all set if that''s what you want. >I cannot find the user_engine gem. I wanted to look at some documentation before installing. Anyone have a link? Thanks. -- Posted via http://www.ruby-forum.com/.
Reasonably Related Threads
- UserEngine - rake bootstrap aborted => undefined method `synchronize_with_controllers'' for Permission:Class
- UserEngine - rake bootstrap aborted
- Railspdf plugin problem
- UserEngine: stack level too deep
- UserEngine -- Permission.synchronize_with_controllers -- trouble with my own controller modules