Home Restrict different type of admins to access each other routes
Reply: 1

Restrict different type of admins to access each other routes

john
1#
john Published in 2017-11-14 18:06:10Z

I am working on admin panel and I have different levels of admins. I have a field "admin_type" in the database to represent the level of the admin. The levels are 1,2,3. Now I want to implement some restrictions so that admin level 1 can't access route that is only for admin level 2.

I have searched google a lot and found this blog post helpful http://bjedrocha.com/rails/2015/03/18/role-based-routing-in-rails/ But When I implemented this it is not working and giving hell of errors This is the route code. I want this route only accessible by admin level 2

constraints RouteConstraint.new do
    get 'admins/donation_analysis' => 'admins#donation_analysis'
end

This is the constraint class

class RouteConstraint
  def matches?(request)
    user = current_user(request)
    ##render plain: user.inspect
    user.present? && user.admin_type?(:2)
  end

  def current_user(request)
    User.find_by_id(request.session[:user_id])
  end
end

routes are

constraints RouteConstraint.new do
    get 'admins/donation_analysis' => 'admins#donation_analysis'
  end
  #get 'admins/active_account/:token' => 'admins#active_account'
  get 'admins/link_expiry' => 'admins#link_expiry'
  get 'admins/edit_profile' => 'admins#edit_profile'
  post 'admins/update_profile' => 'admins#update_profile'
  match '/admins/create_account', to: 'admins#create_account', via: 'post'
  match '/admins/:id', to: 'admins#destroy', via: 'get' , as: 'admin_destroy'

  resources :admins

But it is not working

Gabbar
2#
Gabbar Reply to 2017-11-14 18:44:31Z
class RouteConstraint
  def matches?(request)
    user = current_user(request)
    ##render plain: user.inspect
    user.present? && user.admin_type == "2"
  end

  def current_user(request)
    User.find_by_id(request.session[:user_id])
  end
end
You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.307454 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO