Login/Register
How do you invite another user to a "team" or "account" or "project" with Clearance and Pundit?
Asked Answered
Solved ruby-on-railsrubyuser-accountspunditclearance
J

1

5

I have a Rails app with Clearance and Pundit and I'm trying to create "teams" where the "Team Leader" can invite other users to join their team. I would like to do something similar to devise_invitable, but with Clearance.

Here is my plan for how this might work:

  1. Users that sign up to the site through the signup form are automatically assigned a unique Team ID and become the "Team Lead." They don't see this ID on the form. (Another way this could be done is they create a unique team name that is saved on sign up.) Is the best way to do this to create a before_filter for assigning the team ID and Team Leader on sign up?

  2. Team IDs or names would be unique and each User can only belong to one team. Association would look like this:

    Team 

    has_many :users

    User 

    belongs_to :team

  3. Once this "Team Leader" account is created, this user can invite other users to join the team by filling out a User#new form similar to the Clearance sign up form (name, email, etc.) This form would create the User and assign them to the Team Leader's team. They could be assigned a random password to give to Clearance so that the new user passes the validation.

  4. Once a user has been created by the Team Leader they are saved in the database with the randomly generated password and a Mailer is sent to the invited user that is similar to the standard Clearance password reset Mailer. It just gives them a notification that they have been invited to the team and provides a link to reset their password and then log in. It's basically the Clearance password reset Mailer with different copy.

Is this a decent strategy or is there a more widely used pattern I'm missing for solving this problem with Clearance and Pundit? I've never done anything like this with Rails, so I have no idea if this is a ducted-tape way to use Clearance.

Jenette answered 23/5, 2018 at 14:56 Comment(2)
You mentioned devise_invitable, so you're probably familiar with Devise. I've done things similar to what you need using Devise + Pundit and Rolify. I believe the missing part you're looking for is going to be something for AUTHORIZATION. You've got AUTHENTICATION using Clearance, so you know who they are, but you need a way to tell Pundit what they can DO. You're looking for something like Rolify or CanCan to provide the accounts with roles. If you're looking for a more well tread path, I would recommend Devise, devise_invitable, Pundit, and Rolify, but I'm sure you can do the same thing.Texas
I'd prefer to stick with Clearance and Pundit as they are much more lightweight than using Devise. Is what I'm suggesting not a good idea? That seems like a simple way to implement it.Jenette
G
6

Your plan is good. There is no Clearance or Pundit specific way to do it. Of course, your strategy seems fine and you will have to implement it using Clearance.

  1. As far as I understand, you first want to create the user and then create the team for the user. So it would be better to user after_* callback from the available callbacks. before_filter hook is executed before the record is stored in the database. So for example, unless you have the user stored in the database you can not assign it them as Team Leader "before" the user is saved.

  2. If you want to use UUID instead of ID you can do something like this or else you can simply use the unique constraint on name column of teams table. The association you have mentioned seem fine.

  3. You can create a custom controller here which creates a User. Something like app/controllers/team_members#create. I don't think it is needed to be ducted-tape to Clearance. The example code can be:

def create
  member = User.new(team_member_params)
  if member.save
    #some code
  else
    #some code
  end
end
  1. I don't think it would be a good idea to use password-reset emails. You can send out new mailer using after_create hook.

after_create :send_invitation_to_team_member, if: :not_team_leader

Grandnephew answered 27/5, 2018 at 18:25 Comment(1)
Thanks this is exactly what I needed help with. Didn't think about using the before_filter. Also didn't think about abstracting the User.new into another controller that creates the "Team Member". That was a helpful tip. Appreciate it!Jenette

© 2022 - 2024 — McMap. All rights reserved.