1
votes

I have a Rails app that I'm using to display database records. Until I have the time/knowledge/resources to create a home-brewed interface for viewing the database records (with pagination and advanced search/sort functionality), I've opted to settle for ActiveAdmin to handle these tasks for me.

The database needs to be publicly viewable, and I really don't want to force casual users to create user accounts, so the obvious choice seems to be to disable authentication altogether. However, I only want admin users (i.e., me, not unregistered users) to be able to edit the database records, preferably through the ActiveAdmin interface.

Is there an easy way to accomplish this (disable create/edit/delete for unregistered users but allow them for admins)?

1
You need to add custom authentication to the resources, I believe. You can write a simple is_admin? method and only allow modification if it returns true. - jkeuhlen

1 Answer

2
votes

ActiveAdmin lets you customise its permissions by providing a custom AuthorizationAdapter. This has an authorized? method that determines whether a user can perform an action. Here's an AuthorizationAdapter that should allow logged-in admins to do anything, while others can only read data:

class AdminOnlyEditAdapter < ActiveAdmin::AuthorizationAdapter
  # Anyone may read; every other action requires a user whose admin? is true.
  def authorized?(action, subject = nil)
    :read == action || (user && user.admin?)
  end
end

Then configure ActiveAdmin to use your new class in config/initializers/active_admin.rb:

config.authorization_adapter = "AdminOnlyEditAdapter"
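
A quick way to check the policy the answer's adapter enforces, as an added example that is not part of the original answer: it runs the adapter against an anonymous visitor, a non-admin user and an admin. The stand-in base class, `SampleUser`, the visitor table and the `:export` action are assumptions made so the check runs without Rails.

```ruby
# Stand-in for ActiveAdmin's base class so this runs without Rails (assumption:
# mirrors the real adapter's initialize(resource, user) and its readers).
unless defined?(ActiveAdmin)
  module ActiveAdmin
    class AuthorizationAdapter
      attr_reader :resource, :user

      def initialize(resource, user)
        @resource = resource
        @user = user
      end
    end
  end
end

# The adapter from the answer, unchanged.
class AdminOnlyEditAdapter < ActiveAdmin::AuthorizationAdapter
  def authorized?(action, subject = nil)
    :read == action || (user && user.admin?)
  end
end

# Hypothetical user model: it only needs to respond to admin?.
SampleUser = Struct.new(:name, :admin) do
  def admin?
    admin == true
  end
end

# Constructed visitors: nil models a request with no signed-in user.
VISITORS = {
  anonymous: nil,
  member: SampleUser.new("member", false),
  admin: SampleUser.new("root", true)
}.freeze

# :export is a made-up custom action, included to show unknown actions are denied.
ACTIONS = %i[read create update destroy export].freeze

# Returns { visitor => [allowed actions] } as decided by the adapter.
def allowed_actions
  VISITORS.transform_values do |user|
    adapter = AdminOnlyEditAdapter.new(:sample_resource, user)
    ACTIONS.select { |action| adapter.authorized?(action) }
  end
end

if __FILE__ == $PROGRAM_NAME
  allowed_actions.each { |who, actions| puts "#{who}: #{actions.join(', ')}" }
end
```

Because the adapter allows only `:read` by name and gates everything else on `admin?`, any action it does not recognise is denied to non-admins rather than allowed.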