Ent Web UI
Sidekiq Enterprise 1.5.0+ allows for user-defined authorization within the Web UI; you can define rules for whether a given request is allowed to proceed or not.
You define custom authorization logic at the top of your config/routes.rb, like so:
require 'sidekiq-ent/web'

Sidekiq::Web.authorize do |env,method,path|
  # env == the Rack env for this request
  # method == 'GET', 'POST', 'DELETE', etc
  # path == env['PATH_INFO']
  user = nil # you'll need to define how you get access to the current user

  # non-admins only allowed read-only GET operations
  # (&. denies a nil user instead of raising NoMethodError)
  method == 'GET' || user&.admin?
end
...
Your authentication library will determine how you get access to the current user. If you use a popular authentication library like Devise, Warden, Sorcery, etc, feel free to update this wiki page with how you access the current user.
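require 'sidekiq-ent/web'

Sidekiq::Web.authorize do |env,method,path|
  session = env['rack.session']
  warden_key = session['warden.user.user.key']
  # `next` exits the block with a value; `return` here raises LocalJumpError
  next false unless warden_key && warden_key[0] && warden_key[0][0]

  # find_by returns nil for a deleted user instead of raising like find
  user = User.find_by(id: warden_key[0][0])
  user && user.admin?
end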
...
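The two rules above combined into one fail-closed check that can be exercised without Sidekiq, as an added example that is not part of the original wiki page: a signed-in admin may do anything, other signed-in users get read-only GET, and a missing or malformed session is denied. It assumes the Warden key layout shown above; denying unauthenticated GET requests is a choice made for this example, and FakeUser, USERS and the helper names are hypothetical.

```ruby
# Added example. FakeUser, USERS, env_for, current_user_id and
# web_request_allowed? are hypothetical names, not Sidekiq or Warden APIs.
FakeUser = Struct.new(:id, :admin) do
  def admin?
    admin == true
  end
end

# Constructed stand-in for the application's user table.
USERS = { 1 => FakeUser.new(1, true), 2 => FakeUser.new(2, false) }.freeze

# Extract the user id from the Warden session key used on this page.
# Returns nil for a missing session or a key that is not [[id], salt].
def current_user_id(env)
  session = env['rack.session']
  return nil unless session.respond_to?(:[])
  key = session['warden.user.user.key']
  return nil unless key.is_a?(Array) && key[0].is_a?(Array)
  key[0][0]
end

# Plain method, so `return` is safe here (unlike inside the authorize block).
# Same argument order as the block: Rack env, HTTP method, PATH_INFO.
def web_request_allowed?(env, method, _path, users = USERS)
  user = users[current_user_id(env)]
  return false if user.nil? # no session or unknown user: deny
  return true if user.admin? # admins may use every operation
  method == 'GET' # everyone else is read-only
end

# Build a constructed Rack env; the salt string is a placeholder.
def env_for(user_id)
  { 'rack.session' => { 'warden.user.user.key' => [[user_id], 'constructed-salt'] } }
end

# Wiring in config/routes.rb would delegate from the block on this page:
#   Sidekiq::Web.authorize { |env, method, path| web_request_allowed?(env, method, path) }
```

Keeping the rule in a plain method lets the deny cases be covered by ordinary unit tests before the rule guards the real dashboard.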