Austin Story

Ruby, Rails and Javascript Blog

Ubuntu 16.04 setup for Ruby on Rails, Postgres, NodeJs, ElasticSearch and Neo4j

By Leave a Comment

POSTGRES

sudo apt-get update
sudo apt-get install postgresql postgresql-contrib

sudo -u postgres createuser –interactive
#name of role = yourLoggedInUserName
#super uesr? yes

Set permissions for local postgres access in pg_hba.conf
# will probalby be in /etc/postgresql/VERSIONNUMBER/main/pg_hba.conf

set all database administrative in peer column to ‘trust’ this allows you to login locally without security (i.e. don’t do this for production)

with the user you are logged in as, run these commands, for instance if you login as my_user_name
sudo su postgresql
psql
CREATE ROLE my_user_name WITH SUPERUSER;
ALTER ROLE my_user_name WITH CREATEDB;
ALTER ROLE my_user_name WITH LOGIN;

Add git SSH access
mkdir ~/.ssh
chmod 700 ~/.ssh
cd ~/.ssh
ssh-keygen -t rsa -C YOURNAME
cat id_rsa.pub

Copy what is displayed into your github/bitbucket to add new keys

install git
sudo apt-get install git

Install RVM
https://rvm.io/

Set RVM as function
copy this
[[ -s “$HOME/.rvm/scripts/rvm” ]] && source “$HOME/.rvm/scripts/rvm”
From: ~/.bash_profile file
To: ~/.bashrc file

Install Ruby
close and open a new terminal
rvm install 2.3.1

Set default ruby
rvm –default use 2.3.1

Install Java
sudo apt-get update
sudo apt-get install default-jdk

Install Elasticsearch
wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-2.3.2.deb
sudo dpkg -i elasticsearch-2.3.2.deb

Install Neo4j
wget -O – https://debian.neo4j.org/neotechnology.gpg.key | sudo apt-key add –
echo ‘deb http://debian.neo4j.org/repo stable/’ >/tmp/neo4j.list
sudo mv /tmp/neo4j.list /etc/apt/sources.list.d
sudo apt-get update
sudo apt-get install neo4j

Install Node version manager (NVM)
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.1/install.sh | bash
nvm install 6.1.0

LINK Rubymine properly
https://makandracards.com/makandra/879-install-rubymine-under-ubuntu

tar -xzf RubyMine-X.Y.Z.tar.gz
Make a directory for RubyMines:

mkdir -p ~/bin/rubymines/
mkdir -p ~/bin/rubymine/
Move the unpacked RubyMine folder to the desired destination:

mv ~/Downloads/RubyMine-X.Y.Z ~/bin/rubymines
Make a symlink:

ln -nfs ~/bin/rubymines/RubyMine-X.Y.Z ~/bin/rubymine

Postgress
sudo apt-get install lib-pqdev

image magick – rmagic
sudo apt-get install libmagickwand-dev

Pundit and Rolify Testing with Rails

By Leave a Comment

Just ran into an oddity that I didn’t expect (due to a false assumptions) when testing permissions and wanted to send it out to the world.

I have an app with two types of roles; :admin or :user. I am using Rolify in combination with Pundit to perform the role based authorization of REST actions.

I mixin a module containing general purpose authorization classes. I do it this way because permissions schemes tend to change alot and centralization makes it easier to change. You could easily just add these to your pundit policy classes.

[ruby]
def is_admin?
user.has_role?(:admin)
end

def is_user?
user.has_role?(:user)
end

def is_allowed?
user.has_role?(:user, record)
end
[/ruby]

Pretty straight-forward. An administrator has the role of :admin, a user has a role of :user and a :user is only allowed to access records that they are explicitly granted permission on.

My error was the assumption that user.has_role?(:user) would return true if a user had a role of :user explicitly set on any object in the system. In a pundit action it would look something like this.

[ruby]
def index?
is_admin? || is_user?
end
[/ruby]

The problem is that this was returning false unless someone had a :user role set in general, not on a specific instance of a record.

I think code clears this up further, here is the error.

[ruby]
#Assign the user role of :user on a specific object instance
User.first.add_role(:user, SomeObject.first)
User.first.has_role?(:user) #= false

#Assign the user a role of :user
User.first.add_role(:user)
User.first.has_role?(:user) #= true
[/ruby]

So i had to alter this to use see if the User had the role of :user on any object in the system.

[ruby]
#Old definition, broken
def is_user?
user.has_role?(:user)
end

#New definition, fixed!
def is_user?
SomeObject.find_roles(:user, user).any?
end
[/ruby]

The new is_user? returns true when the user has a role of :user on any SomeObject in the system. Which is exactly what we need.

Lesson learned, I assumed that the method worked a certain way and lost several hours of debugging in my unit tests. I normally will go straight to IRB when i run into anomalies but because i strongly help my assumption I didn’t.