Screencast: Authentication in Rails 3.1

Rails 3.1 is about to be released, so this week there is another screencast on it. HTTP Basic authentication, secure passwords in the database and SSL are the topics Ryan covers this week, showing how easily each can be set up in Rails 3.1.


Downloads in various formats:

source code
mp4
m4v
webm
ogv


Resources:

bash

[bash]
rails g model user email:string password_digest:string
rails s -e production
[/bash]

secret_controller.rb

[ruby]
http_basic_authenticate_with :name => "frodo", :password => "thering"
[/ruby]

models/user.rb

[ruby]
class User < ActiveRecord::Base
  attr_accessible :email, :password, :password_confirmation
  has_secure_password
  validates_presence_of :password, :on => :create
end
[/ruby]

sessions_controller.rb

[ruby]
def create
  user = User.find_by_email(params[:email])
  if user && user.authenticate(params[:password])
    session[:user_id] = user.id
    redirect_to root_url, :notice => "Logged in!"
  else
    flash.now.alert = "Invalid email or password"
    render "new"
  end
end

def destroy
  session[:user_id] = nil
  redirect_to root_url, :notice => "Logged out!"
end
[/ruby]
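An added example that is not from the screencast: a stand-in for `has_secure_password` that uses PBKDF2 from Ruby's standard library instead of the bcrypt gem Rails uses, to show what ends up in `password_digest` and why the sessions controller above can rely on `user.authenticate` returning the user or `false`. The `User` class, the helper names and the work factor are assumptions of this example.

```ruby
require "openssl"
require "securerandom"

ITERATIONS = 20_000  # constructed work factor; bcrypt uses a cost parameter instead

# Salted digest; the salt is stored with the key so it can be re-derived at login.
def make_digest(password, salt = SecureRandom.hex(16))
  key = OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                                 length: 32, hash: "sha256")
  "#{salt}$#{key.unpack1('H*')}"
end

# Constant-time comparison so a wrong guess does not leak how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def digest_match?(stored, password)
  salt = stored.split("$", 2).first
  secure_equal?(stored, make_digest(password, salt))
end

class User
  attr_reader :email, :password_digest, :errors

  def initialize(email:, password:, password_confirmation: nil)
    @email, @errors = email, []
    @errors << "password can't be blank" if password.to_s.empty?
    if password_confirmation && password != password_confirmation
      @errors << "password doesn't match confirmation"
    end
    # Only the digest is kept; the clear-text password never reaches the database.
    @password_digest = make_digest(password) if @errors.empty?
  end

  def valid?
    @errors.empty?
  end

  # Mirrors has_secure_password: returns the user on success and false otherwise,
  # which is exactly what the sessions controller's create action relies on.
  def authenticate(password)
    password_digest && digest_match?(password_digest, password) ? self : false
  end
end
```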

application_controller.rb

[ruby]
force_ssl

private

def current_user
  @current_user ||= User.find(session[:user_id]) if session[:user_id]
end
helper_method :current_user
[/ruby]

Screencast: Authorization with CanCan

Authorization in web applications can be implemented in a simple way with CanCan. In this screencast Ryan Bates shows how this plugin can be used.


Download (30.2 MB, 15:57)
Alternative download for iPod & Apple TV (20.3 MB, 15:57)


Resources:

Source code:

[bash]
sudo rake gems:install
[/bash]

[ruby]
# config/environment.rb
config.gem "cancan"

# models/ability.rb
class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user

    if user.role? :admin
      can :manage, :all
    else
      can :read, :all
      can :create, Comment
      can :update, Comment do |comment|
        comment.try(:user) == user || user.role?(:moderator)
      end
      if user.role?(:author)
        can :create, Article
        can :update, Article do |article|
          article.try(:user) == user
        end
      end
    end
  end
end

# application_controller.rb
rescue_from CanCan::AccessDenied do |exception|
  flash[:error] = "Access denied."
  redirect_to root_url
end

# articles_controller.rb
load_and_authorize_resource

# comments_controller.rb possibility
load_and_authorize_resource :nested => :article
[/ruby]

[html]
<!-- articles/show.html.erb -->
<p>
  <% if can? :update, @article %>
    <%= link_to "Edit", edit_article_path(@article) %> |
  <% end %>
  <% if can? :destroy, @article %>
    <%= link_to "Destroy", @article, :method => :delete, :confirm => "Are you sure?" %> |
  <% end %>
  <%= link_to "Back to Articles", articles_path %>
</p>

<p>
  <% if can? :update, comment %>
    <%= link_to "Edit", edit_comment_path(comment) %>
  <% end %>
  <% if can? :destroy, comment %>
    | <%= link_to "Destroy", comment, :method => :delete, :confirm => "Are you sure?" %>
  <% end %>
</p>

<!-- articles/index.html.erb -->
<% if can? :create, Article %>
  <p><%= link_to "New Article", new_article_path %></p>
<% end %>
[/html]
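An added example, not from the screencast and not CanCan's own code: a minimal stand-in for CanCan's `can`/`can?` DSL so the `Ability` rules above can be exercised offline against sample users and records. It implements only the rule shapes used there (`:all`, a class, a block condition) plus the `:manage` alias; CanCan's other aliases such as `:read` covering `:index`/`:show` are left out. `MiniAbility`, the `Object#try` stand-in, and the `User`, `Article` and `Comment` stubs are assumptions of this example.

```ruby
class Object
  # Stand-in for ActiveSupport's Object#try: nil receivers simply return nil.
  def try(meth)
    respond_to?(meth) ? public_send(meth) : nil
  end
end
class User
  def initialize(*roles); @roles = roles; end
  def role?(role); @roles.include?(role); end
end
Article = Struct.new(:user)
Comment = Struct.new(:user)
module MiniAbility
  def can(action, subject, &condition)
    (@rules ||= []) << [action, subject, condition]
  end

  # A rule grants the action when action and subject match and its block (if any)
  # holds for the instance; asking about a class ignores blocks, as CanCan does.
  def can?(action, subject)
    klass = subject.is_a?(Class) ? subject : subject.class
    @rules.any? do |act, subj, cond|
      next false unless act == :manage || act == action
      next false unless subj == :all || subj == klass
      cond.nil? || subject.is_a?(Class) || !!cond.call(subject)
    end
  end
end

class Ability
  include MiniAbility
  def initialize(user)
    user ||= User.new  # guest user, as in the screencast
    if user.role? :admin
      can :manage, :all
    else
      can :read, :all
      can :create, Comment
      can :update, Comment do |comment|
        comment.try(:user) == user || user.role?(:moderator)
      end
      if user.role?(:author)
        can :create, Article
        can :update, Article do |article|
          article.try(:user) == user
        end
      end
    end
  end
end
```

With `Ability.new(nil)` the guest branch runs, which is why the unauthenticated case must be checked explicitly: a guest can read articles and create comments but cannot update anyone's comment or create articles.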

Screencast: Declarative Authorization

User authorization is needed in many, if not most, applications. Ryan shows how it can be implemented in this week's screencast.

Download:
Download (36.4 MB, 15:27)
Alternative download for iPod & Apple TV (21.6 MB, 15:27)


Resources:

Source code:

[bash]
sudo rake gems:install
[/bash]

[ruby]
# config/environment.rb
config.gem "declarative_authorization", :source => "http://gemcutter.org"

# config/authorization_rules.rb
authorization do
  role :admin do
    has_permission_on [:articles, :comments], :to => [:index, :show, :new, :create, :edit, :update, :destroy]
  end

  role :guest do
    has_permission_on :articles, :to => [:index, :show]
    has_permission_on :comments, :to => [:new, :create]
    has_permission_on :comments, :to => [:edit, :update] do
      if_attribute :user => is { user }
    end
  end

  role :moderator do
    includes :guest
    has_permission_on :comments, :to => [:edit, :update]
  end

  role :author do
    includes :guest
    has_permission_on :articles, :to => [:new, :create]
    has_permission_on :articles, :to => [:edit, :update] do
      if_attribute :user => is { user }
    end
  end
end

# application_controller.rb
before_filter { |c| Authorization.current_user = c.current_user }

protected

def permission_denied
  flash[:error] = "Sorry, you are not allowed to access that page."
  redirect_to root_url
end

# articles_controller.rb
filter_resource_access
[/ruby]

[html]
<!-- articles/show.html.erb -->
<p>
  <% if permitted_to? :edit, @article %>
    <%= link_to "Edit", edit_article_path(@article) %> |
  <% end %>
  <% if permitted_to? :destroy, @article %>
    <%= link_to "Destroy", @article, :method => :delete, :confirm => "Are you sure?" %> |
  <% end %>
  <%= link_to "Back to Articles", articles_path %>
</p>

<p>
  <% if permitted_to? :edit, comment %>
    <%= link_to "Edit", edit_comment_path(comment) %>
  <% end %>
  <% if permitted_to? :destroy, comment %>
    | <%= link_to "Destroy", comment, :method => :delete, :confirm => "Are you sure?" %>
  <% end %>
</p>

<!-- articles/index.html.erb -->
<% if permitted_to? :create, Article.new %>
  <p><%= link_to "New Article", new_article_path %></p>
<% end %>
[/html]