Redirect loop on ActiveAdmin and authorization with cancancan
When I try navigating to http://localhost:3000/admin I get "This webpage has a redirect loop",
and in my logs I have:
    Started GET "/admin" for 127.0.0.1 at 2015-11-25 17:58:35 +0300
    Processing by Admin::DashboardController#index as HTML
    User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."deleted_at" IS NULL AND "users"."id" = ? LIMIT 1 [["id", 1]]
    Redirected to http://localhost:3000/admin
    Filter chain halted as :authenticate_active_admin_user rendered or redirected
    Completed 302 Found in 4ms (ActiveRecord: 0.1ms)
I have tried all I can but I am still stuck.
My activeadmin.rb looks like this:
    def authenticate_admin_user!
      if current_user.admin?
        redirect_to admin_root_path
      else
        redirect_to new_user_session_path
      end
    end

    config.authorization_adapter = ActiveAdmin::CanCanAdapter
    config.authentication_method = :authenticate_admin_user!
    config.current_user_method = :current_user
    config.on_unauthorized_access = :access_denied
My ability.rb:
    def initialize(user)
      user ||= User.new
      if user.admin?
        can :read, ActiveAdmin::Page, :name => "Dashboard"
        can :manage, :all
      elsif user.client?
        can :manage, [Activity, Domain, FactPage, Task, TaskType]
        cannot :read, ActiveAdmin::Page, :name => "Dashboard"
      else
        can :read, Activity
      end
      can :manage, UserSessionsController do |user_session|
        user == user_session
      end
      if user.active?
        can :time, Activity
        can :read, ActiveAdmin::Page, :name => "Dashboard"
      end
      can :log_in, User
      can :log_out, User
      can :reset_password, User
    end
Will appreciate some good direction ....
I think the trick here is in your authenticate admin user method. You don't want to redirect if they're an admin, only if they aren't (so you don't get a loop).
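    def authenticate_admin_user!
      # Redirect only when there is no logged-in admin; admins fall through
      # to the requested action. The nil check covers a logged-out visitor,
      # for whom current_user is nil.
      unless current_user && current_user.admin?
        redirect_to new_user_session_path
      end
    end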
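The difference between the two versions of authenticate_admin_user!, as an added example that is not part of the original thread: a plain-Ruby stand-in for the before-filter (no Rails; User, "/login", LOOPING, GUARDED and visit_admin are constructed for illustration). It shows that redirecting an admin to admin_root_path re-enters the same filter on every request, while a filter that redirects only on refusal lets the request through.

```ruby
# Constructed stand-in for the user model; only admin? matters here.
User = Struct.new(:admin) do
  def admin?
    admin
  end
end

ADMIN_ROOT = "/admin"
LOGIN      = "/login" # stands in for new_user_session_path

# Filter from the question: returns a redirect target for every user,
# so an admin requesting /admin is sent straight back to /admin.
LOOPING = lambda do |user|
  user.admin? ? ADMIN_ROOT : LOGIN
end

# Guarded filter: returns a redirect target only when access is refused.
# nil means "no redirect issued", so the filter chain continues.
GUARDED = lambda do |user|
  LOGIN unless user && user.admin?
end

# Follows redirects the way a browser would, starting at /admin.
# Returns [:ok, path], [:login, path] or [:loop, path].
def visit_admin(filter, user, max_hops = 5)
  path = ADMIN_ROOT
  max_hops.times do
    # The filter only runs on admin pages; anything else is the login page.
    return [:login, path] unless path.start_with?(ADMIN_ROOT)
    target = filter.call(user)
    return [:ok, path] if target.nil?      # chain not halted, action renders
    return [:loop, path] if target == path # 302 back to the same URL
    path = target
  end
  [:loop, path]
end

if __FILE__ == $PROGRAM_NAME
  p visit_admin(LOOPING, User.new(true))
  p visit_admin(GUARDED, User.new(true))
  p visit_admin(GUARDED, nil)
end
```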
Hi Chris, this seems to work but I get another error:
NoMethodError in Admin::Dashboard#index
Showing /home/jmunyi/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/activeadmin-1.0.0.pre2/app/views/active_admin/page/index.html.arb where line #2 raised:
undefined method `destroy_user_session_path' for
:ActiveAdmin::Views::TabbedNavigation
FYI, I am not using Devise anywhere; my authorization is being handled by cancancan and sorcery.
I've never used Sorcery with ActiveAdmin so I won't be of huge help here, but I imagine you can just copy that view into your app, override it, and adjust the links.
You can open an issue on the ActiveAdmin GitHub page to get some help from their maintainers. They're really helpful for this stuff.
I reached out to them, had to change a few things, but then again activeadmin doesn't support logout links with ids, so I landed into more problems. I might end up using sorcery for the app and devise for activeadmin ... not ideal but it might do the job.... Unless there is a way to refactor the sorcery destroy session method not to use an id when deleting a session.
Yeah, that's probably the easiest way then. This is one of the reasons I'm not a huge fan of ActiveAdmin because it can be fairly opinionated at times on things like this. Overall it's a great admin, but you might check out the recent episode on Administrate if you want to try an alternative.
I already did, but I guess it's still to use administrate for a production quality app, isn't it?
I guess it depends. It is just basic scaffolds for your gems, so as long as you don't mind updating it regularly, I don't see that there's much to worry about with it.
Does it support filters at this point, as activeadmin does? That's the reason why I was going for active admin .... I needed multiple filters for my data ... Maybe I should check if they have updated and included that since the last time I checked it out about 3 weeks ago.
I know they've been discussing it at least. That's the last feature I've been waiting for but I know it's coming soon so I've already started a few apps using Administrate knowing that.
Settled for activeadmin with devise for Authorization and sorcery for the App .. not ideal but got the job done