READynamic is a software solution that can scale, bend, and transform to every aspect of your business needs. We recently enhanced READynamic to allow the dynamic creation and alteration of new and existing roles – as your user’s needs change, you now have the ability to change what those users do within the software.
Prior to the roles enhancement added to READynamic, roles were statically defined. They weren’t adjustable without source code changes, which made it rather frustrating if you needed something changed yesterday and couldn’t wait for an update to come your way. All of that changed when roles were moved to a configuration file called ‘roles.yml’ which can be modified right at the command line. Now, you can have all the different role permutations that you could ever want.
Taking a look at roles.yml, the file looks a little like this:
defaults: &defaults reader: uploader: &uploader storage: -1 permissions: create_book: true create_book_restricted: true create_group: true student: signup_allowed: true invitation_signup_role: true teacher: <<: *uploader signup_allowed: true publisher: <<: *uploader storage: 10000000000 # public server initial role (before paid for subscription) free: default_signup_role: true signup_allowed: true storage: 52428800 permissions: upgrade: true create_book: true create_group: true
You can see that a few roles are already defined, such as reader, uploader, student, teacher, publisher, and free. It is perfectly acceptable to leave these as they are out of the box and never modify them. It is also just as acceptable to wipe out everything here and create your own from scratch.
First, we need to get into the Docker container to access the file. You can do so by using this command:
docker exec -it readynamic_web_1 bash -l
Then you would want open ‘roles.yml’ at config/roles.yml.
Now, onto actually modifying ‘roles.yml.’ For example, let’s modify the student role. Maybe we want users with the student role to be able to create a book in the system, where by default they are not allowed to do so.
They start off with these permissions:
student: signup_allowed: true invitation_signup_role: true
We then need to add these roles:
permissions: create_book: true create_book_restricted: true
Once finished, it would look like this:
student: signup_allowed: true invitation_signup_role: true permissions: create_book: true create_book_restricted: true
But, we are not quite done yet – it is not enough to simply save this file and expect it to magically work. We have to sync the file with the rest of the system with the following command:
bundle exec rake users:sync_roles
You would then need to restart READynamic, at which point you will be able to start using the new permissions.
For the purposes of this blog, I only modified an existing role. However, so long as you follow the file syntax, you will be able to add as many roles as your business needs require to get what you need done. Happy customers, happy you!
Additional permissions that are allowed:
- storage – max allowable storage in bytes (if omitted defaults to 0, -1 – unlimited storage)
- signup_allowed – flag indicating that user with this role may be created via API call or via UI (if omitted defaults to false)
- default_signup_role – flag indicating that role should be used as a default if signup role is not specified
- invitation_signup_role – flag indicating that this role should be used for user signing up by invitation and permissions (if omitted all defaults to false):
- create_book – permits book creation (if omitted defaults to false)
- create_book_restricted – permits ‘restricted’ book creation (if omitted defaults to false)
- create_group – permits group creation (if omitted defaults to false)
- upgrade – allows ‘upgrade’ for the user. This normally includes subscription and payment (if omitted defaults to false)
- downgrade – allows for subscription cancellation (if omitted defaults to false)
- guest – special permission for the user that familiarizes with the site without being signed in
- admin – special permission indicating ‘admin’ privileges