Ent Web UI

Hamed Asghari edited this page Jul 7, 2023 · 6 revisions

Sidekiq Enterprise 1.5.0+ allows for user-defined authorization within the Web UI; you can define rules for whether a given request is allowed to proceed or not.

Authorization

You define custom authorization logic at the top of your config/routes.rb, like so:

require "sidekiq-ent/web"

Sidekiq::Web.authorize do |env,method,path|
  # env == the Rack env for this request
  # method == "GET", "POST", "DELETE", etc
  # path == env["PATH_INFO"]
  
  user = nil # you'll need to define how you get access to the current user

  # non-admins only allowed read-only GET operations;
  # a nil user is treated as a non-admin instead of raising NoMethodError
  method == "GET" || (user && user.admin?)
end
...

Your authentication library determines how you get access to the current user. If you use a popular authentication library like Devise, Warden, Sorcery, etc., feel free to update this wiki page with how you access the current user.

Devise Example

require "sidekiq-ent/web"

Sidekiq::Web.authorize do |env,method,path|
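  session = env["rack.session"]
  warden_key = session["warden.user.user.key"]
  # use next to leave the block with a value; return is not valid in a
  # block that is stored and called later
  next false unless warden_key && warden_key[0] && warden_key[0][0]
  # find_by returns nil for an unknown id instead of raising
  user = User.find_by(id: warden_key[0][0])
  user && user.admin?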
end
...

Clearance Example

require "sidekiq-ent/web"

Sidekiq::Web.authorize do |env, method, path|
  user = env[:clearance].current_user
  user && user.admin?
end
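
The read-only rule from the Authorization section combined with the Devise session lookup, written so it can be checked against constructed Rack envs. This is an added example, not code from the Sidekiq wiki or project; DemoUser, DEMO_USERS, demo_current_user, DEMO_RULE and demo_env are hypothetical stand-ins so it runs without Rails or Sidekiq Enterprise.

```ruby
# Stand-in for the app's User model (assumption, not part of Sidekiq).
DemoUser = Struct.new(:id, :admin) do
  def admin?
    admin
  end
end

# Constructed sample users keyed by id.
DEMO_USERS = {
  1 => DemoUser.new(1, true),   # admin
  2 => DemoUser.new(2, false)   # regular user
}.freeze

# Resolve the current user from the Rack env using the Devise/Warden
# session key shown on this page. Returns nil if any piece is missing
# or has an unexpected shape.
def demo_current_user(env)
  session = env["rack.session"]
  return nil unless session
  key = session["warden.user.user.key"]
  id = key.is_a?(Array) && key[0].is_a?(Array) ? key[0][0] : nil
  id && DEMO_USERS[id]
end

# Takes the same three arguments as the page's authorize block.
# Assumption: in config/routes.rb it would be wired up as
#   Sidekiq::Web.authorize(&DEMO_RULE)
DEMO_RULE = lambda do |env, method, _path|
  user = demo_current_user(env)
  next false unless user           # fail closed: no session or unknown user
  method == "GET" || user.admin?   # non-admins are read-only
end

# Build a constructed Rack env carrying a Warden-style session key.
def demo_env(user_id)
  return {} if user_id.nil?
  { "rack.session" => { "warden.user.user.key" => [[user_id], "constructed-salt"] } }
end

# Constructed requests; the paths are placeholders.
puts DEMO_RULE.call(demo_env(1), "POST", "/retries")   # admin, mutating
puts DEMO_RULE.call(demo_env(2), "GET", "/queues")     # non-admin, read
puts DEMO_RULE.call(demo_env(2), "POST", "/retries")   # non-admin, mutating
puts DEMO_RULE.call(demo_env(nil), "GET", "/")         # no session
```

Unlike the first example on this page, this rule also denies GET requests when no user can be resolved from the session.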