当前位置: 文江博客话题详情

Rails3 和 Devise 作为基本 CRM 的一部分

发布于 2024-11-30 14:04:20 字数 571 浏览 0 评论 0原文

我们在 Rails3 中构建了一个自定义 CRM 来管理我们的客户和订单,并使用身份验证设计和 cancan 实现权限魔法。

公司人员多,订单多,发票多。很简单。

最重要的是,我们通过设计可以登录的用户等。

我真正想做的是将管理员用户和人员结合起来 - 例如,我们有时希望客户登录。将管理员用户与普通用户分开似乎有点过分?我们希望指定客户可以登录以保存通过设备添加两次。

最初我认为每个人都应该通过设备注册添加,但我不确定这是正确的。

我希望有人尝试过这个或者可以分享一些建议。有没有一种好的、简单的方法来实现这一目标?

- 编辑 -

除了下面的答案之外,我还进行了更新以使其更加清晰。

我们需要能够将用户添加到 CRM,而不需要让他们成为管理员或必须向他们提供密码(该设计似乎坚持这样做)。

  1. 使用空白/无密码创建客户/用户
  2. 如果客户需要登录,请标记管理员复选框并指定角色(通过 cancan)
  3. 取消选中管理员标志应禁止访问

目前,我们有一个与我们的设备用户列表分开的人员列表。我们想以某种方式结合起来。

原文

We've built a custom CRM for managing our customers and orders in Rails3 with devise for authentication and cancan doing the permission magic.

Companies have many people, orders and invoices. Pretty simple.

On top of this we have our users through devise who can login etc.

What I really want to do is combine the admin users and people - for example, we sometimes want customers to login. It seems a bit ott to have admin users separate from the people? We'd like to specify that a customer can login to save adding them through devise twice.

Initially I though everyone should be added through devise registration but I'm not sure this is right.

I hope someone's tried this or can share some advise. Is there a good, simple way to achieve this?

-- EDIT --

Further to the answers below, I've updated to make a little more clear.

We need to be able to add users to the CRM without making them an admin OR having to provide them with a password (that devise seems to insist on).

  1. Create customer / user with blank / no password
  2. If customer needs to login, mark admin checkbox and specify roles (through cancan)
  3. Unchecking admin flag should disallow access

Currently, we have a list of people that is separate to our list of devise users. We want to somehow combine.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

嘦怹 2024-12-07 14:04:20

我认为为所有类型的用户提供相同的模型是没有问题的。您只需要定义用户角色,例如通过数据库列。

但在许多情况下,您需要的不仅仅是一个用户角色来拒绝或允许访问,例如,您需要验证 current_user 是否已请求当前订单。所以你可以这样做:

假设你有这个模型:

class User < ActiveRecord::Base
  devise :database_authenticatable, :confirmab...
  ...

  def admin?
    role == 'admin'
  end
end

所以你可以通过模型中的某些方法(例如 admin?)来验证用户角色。

现在您可以使用 Can Can 进行授权,您可以查看此处如何定义你的能力。

能力类:

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    if user.admin?
      can :manage, :all
    else
      can :read, :all
    end
  end
end

了解 CanCan 的工作原理很重要:看这里

假设您想要将参数放入您的能力类中,以便您可以在加载页面之前验证数据库中的对象,从而允许或不允许用户访问。在您的 application_controller 文件中,输入如下内容:

  ...
  def current_ability
    @current_ability ||= Ability.new(params, current_user)
  end
  ...

根据您的能力,更改初始化方法的参数并根据需要使用 params

class Ability
  include CanCan::Ability

  def initialize(params, user)
    user ||= User.new # guest user (not logged in)
    if user.admin?
      can :manage, :all
    else
      # Verify the record for atuhorization
      can :manage, Order if Order.find(params[:id]).requester_id == user.id
    end
  end
end

I think that has no problem to have the same model for all kind of users. You only need to define the user role, through a database column for example.

But in many cases, you'll need more than a user role to deny or allow access, you'll need to verify if the current_user has requested the current Order, for example. So you can do this:

Suppose you have this model:

class User < ActiveRecord::Base
  devise :database_authenticatable, :confirmab...
  ...

  def admin?
    role == 'admin'
  end
end

So you can verify User role through some method in your model like admin?.

Now you can use Can Can for your authorization, as you can see here how to define your abilities.

Abilty class:

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    if user.admin?
      can :manage, :all
    else
      can :read, :all
    end
  end
end

Understands how CanCan works is an important thing: look here.

Suppose you want to get params into your ability class that allows you to verify objects in your database before load the page, allowing or not the user access. In your application_controller file, put something like this:

  ...
  def current_ability
    @current_ability ||= Ability.new(params, current_user)
  end
  ...

In your ability, change arguments of initialize method and uses params as you need:

class Ability
  include CanCan::Ability

  def initialize(params, user)
    user ||= User.new # guest user (not logged in)
    if user.admin?
      can :manage, :all
    else
      # Verify the record for atuhorization
      can :manage, Order if Order.find(params[:id]).requester_id == user.id
    end
  end
end
回复 原文
¢好甜 2024-12-07 14:04:20

如果您的应用程序不是以用户为中心(例如,您的应用程序的某些部分不限于用户)并且仅一小部分“人”需要登录,则您可以添加用户功能(身份验证角色等)一对一的关系:

class Person < AR::Base
  has_one :user
  belongs_to :company 
  ...
end

class User < AR::Base
  belongs_to :person
  devise :database_authenticatable, ...
end

这样您就可以将您的客户导入到一个简单的个人数据库中(无需担心设计验证),然后添加一小组“用户”。

也非常灵活:每当有人需要访问您的管理面板或每当您想要将应用程序更改为基于用户的功能(例如每个用户都有自己的页面等)时,您都可以轻松升级而不会破坏您的域模型...

它 纯粹的关注点分离

If your app is not user centeric (e.g parts of your app is not scoped to a user) and login is only necessary to a small part of "people", you can have the user functionalities (authentication roles and so on) added with a one to one relationship :

class Person < AR::Base
  has_one :user
  belongs_to :company 
  ...
end

class User < AR::Base
  belongs_to :person
  devise :database_authenticatable, ...
end

That way you can import your customers in a simple person db (without worrying about devise validation), and add the small set of "users" afterwards.

It is also quit flexible : whenever someone needs access to your admin panel or whenever you want to change the app to a user based feature (e.g every user has his own page etc) you can easily upgrade without breaking your domain model...

It's pure separation of concern

回复 原文
萤火眠眠 2024-12-07 14:04:20

如果我明白你的意思,最简单的方法是在你的用户模型中使用 admin 布尔值。就这样 !

If I have understood what you mean, the easiest way is to use a admin boolean in your user Model. That's all !

回复 原文
撩人痒 2024-12-07 14:04:20

使用空白/无密码创建客户/用户:

为此,您需要覆盖(实际上装饰)验证过程,该过程阻止您创建没有密码的用户

class User < AR

  devise :database_authenticatable, validatable #, etc..

  module ValidatableDecorator
    # commented are the original methods
    #def password_required?
    #  !persisted? || !password.nil? || !password_confirmation.nil?
    #end

    #def email_required?
    #  true
    #end

    def password_required?
      myspecial_condition && super
    end

    def email_required?
      my(other)special_condition && super 
    end

    def myspecial_condition
      false #if ...someattribute is false
    end
  end
  include ValidatableDecorator
end

另一种解决方案是生成密码....但请先阅读下文

如果客户需要登录,请标记管理复选框并指定角色(通过cancan)

这里有一个缺陷:如果用户没有密码,那么一旦他被授予权利,任何人都可以使用他的电子邮件进入管理部分!因此,首先您需要用户的密码...

我建议您使用 devise 提供的可恢复模块,这将向他发送一个 带有秘密链接的电子邮件,让他重置密码(除非他还没有任何

取消选中管理标志应该禁止访问

授予/取消授予管理员权限相当简单:https:// /github.com/plataformatec/devise/wiki/How-To:添加管理员角色

Create customer / user with blank / no password :

To do that you'll need to override (actually decorate) the validation process that prevents you from creating a user without password

class User < AR

  devise :database_authenticatable, validatable #, etc..

  module ValidatableDecorator
    # commented are the original methods
    #def password_required?
    #  !persisted? || !password.nil? || !password_confirmation.nil?
    #end

    #def email_required?
    #  true
    #end

    def password_required?
      myspecial_condition && super
    end

    def email_required?
      my(other)special_condition && super 
    end

    def myspecial_condition
      false #if ...someattribute is false
    end
  end
  include ValidatableDecorator
end

Another solution is to generate a password.... but read below first

If customer needs to login, mark admin checkbox and specify roles (through cancan)

There's one flaw here : if a user has no password then anybody could use his email to enter the admin section once he is granted the right! So first you'll need a password for the user...

I suggest you use the recoverable module provided by devise, that''ll send him an email with a secret link to let him reset his password (except he doesn't have any yet

Unchecking admin flag should disallow access

Granting/ungranting admin rights is rather easy : https://github.com/plataformatec/devise/wiki/How-To:-Add-an-Admin-role

回复 原文
~没有更多了~

关于作者

那伤。

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

游缘惊梦

文章 0 评论 0

小兔几

文章 0 评论 0

Glik

文章 0 评论 0

生生漫

文章 0 评论 0

Luxian

文章 0 评论 0

Champion-Ming

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文