Hi!
So I have made a pretty simple bloggish kind of site with RoR and I have used Devise to create user accounts and so on, and it's been working nicely. Now I have come to a point where I would like to add some premium content to my site.
I'm looking at adding some kind of groups or roles to my app. I have seen in the documentation for Devise that you can create an admin role or similar stuff by adding a couple of boolean attributes to the user table and that way create a simple role system. I was also reading about creating several user models. What would be the best way to implement this functionality? And if you create several user models, is there a way to move a user from one model to the other and back if needed?
My plan was to use Devise to create some kind of role/group thing and then use Pundit and its policy files to control what content different users could access.
I started with trying the first option of adding boolean attributes to my user table. But I don't seem to get it to work. I have an attribute that is called "base" and this stands for the basic user type or role. I'm not sure I'm defining this role in the right way in my application controller.
I would welcome any help I could get on this subject. I have been struggling for some time now to get this functionality to work, but I seem a bit stuck at the moment and I'm guessing I must have missed something along the way. Also, if you know a different or better way to solve this I would welcome that too :)
Cheers!
Björn
This is how my Application_controller.rb looks:
class ApplicationController < ActionController::Base
  include Pundit
  # include Authority::Controller

  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  before_filter :configure_permitted_parameters, if: :devise_controller?

  # Turn Pundit's authorization failure into a flash message and a redirect.
  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized

  helper_method :mobile_device?

  protected

  # Whitelist the extra fields Devise may accept on sign in and sign up.
  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :current_password, :name, :city, :zip) }
    # devise_parameter_sanitizer.for(:sign_up) << :email, :name, :city, :zip
    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :name, :city, :zip) }
  end

  # True only for a signed-in user whose "base" flag is set.
  # Devise exposes the user through the current_user helper; @current_user
  # is nil until that helper has been called, and for visitors.
  def base?
    current_user.present? && current_user.base == true
  end

  private

  def mobile_device?
    request.user_agent =~ /Mobile|webOS/
  end

  # Generates the "not authorized" message and sends the user back.
  def user_not_authorized
    flash[:error] = "Access denied."
    redirect_to(request.referrer || root_path)
  end
end
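
An added example, not part of the original post and not Pundit's or Devise's own code: a Pundit-style policy (a plain Ruby class taking the user and the record) that gates premium content on boolean role flags and denies by default when nobody is signed in. The `premium` and `admin` flags, the `premium_only` attribute, and the `User`/`Article` Structs standing in for the ActiveRecord models are assumptions made for illustration.

```ruby
# Constructed stand-ins for the ActiveRecord models (assumptions, not from the post).
User    = Struct.new(:email, :base, :premium, :admin, keyword_init: true)
Article = Struct.new(:title, :premium_only, keyword_init: true)

# Pundit policies are plain Ruby objects: initialize(user, record) plus query methods.
class ArticlePolicy
  attr_reader :user, :article

  def initialize(user, article)
    @user = user        # Pundit passes current_user here, which is nil for visitors
    @article = article
  end

  # Free articles are public; premium ones need a signed-in premium or admin user.
  def show?
    return true unless article.premium_only
    premium_access?
  end

  # Only admins may edit articles (including the premium_only flag).
  def update?
    !user.nil? && user.admin == true
  end

  # Counterpart of Pundit's policy_scope: keep only what this user may see.
  class Scope
    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      @scope.select { |a| ArticlePolicy.new(@user, a).show? }
    end
  end

  private

  # Deny by default: a nil user, a nil flag and a false flag all mean "no access".
  def premium_access?
    return false if user.nil?
    user.premium == true || user.admin == true
  end
end
```

In a controller, `authorize @article` would call `show?` for the `show` action. The role flags should stay out of the `devise_parameter_sanitizer` permit lists, otherwise a user can set them from the sign-up form.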