* use cancancan to define abilities

* use rails_admin as a simple admin backend
* remove api only for project because we want to access it by rails_admin
* add annotate gem
* Add basic assets to handle login/password reset and rails_admin
* use devise default views to get into rails_admin area

Author: simonfranzen

Gemfile

@@ -15,8 +15,12 @@ gem 'bcrypt', '~> 3.1.7'                    # Use ActiveModel has_secure_passwor
 gem 'devise'                                # Use devise as authentication module
 gem 'graphql'
 gem 'graphql-auth', git: '[email protected]:simonfranzen/graphql-auth.git', branch: 'rails6'
-gem 'graphql-errors'
-gem 'rack-cors'
+gem 'graphql-errors'                        # GrapqhQL error handling
+gem 'rack-cors'                             # Rack CORS settings
+gem 'rails_admin', '~> 2.0.2'               # Admin interface
+gem 'cancancan'                             # Defining abilities
+gem 'image_processing', '~> 1.2'            # Image processing
+gem 'mini_magick'                           # Image manipulation with rmagick
 
 # gem 'graphiql-rails', group: :development
 
@@ -61,6 +65,7 @@ group :test do
 end
 
 group :development do
+  gem 'annotate'
   gem 'listen', '>= 3.0.5', '< 3.2'
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'rubocop-performance'                 # speed up rubocop

Gemfile.lock

@@ -53,6 +53,10 @@ GEM
       globalid (>= 0.3.6)
     activemodel (6.0.3.3)
       activesupport (= 6.0.3.3)
+    activemodel-serializers-xml (1.0.2)
+      activemodel (> 5.x)
+      activesupport (> 5.x)
+      builder (~> 3.1)
     activerecord (6.0.3.3)
       activemodel (= 6.0.3.3)
       activesupport (= 6.0.3.3)
@@ -67,13 +71,17 @@ GEM
       minitest (~> 5.1)
       tzinfo (~> 1.1)
       zeitwerk (~> 2.2, >= 2.2.2)
+    annotate (3.1.1)
+      activerecord (>= 3.2, < 7.0)
+      rake (>= 10.4, < 14.0)
     ast (2.4.1)
     awesome_print (1.8.0)
     bcrypt (3.1.13)
     bootsnap (1.4.4)
       msgpack (~> 1.0)
     builder (3.2.4)
     byebug (11.0.1)
+    cancancan (3.1.0)
     concurrent-ruby (1.1.7)
     crass (1.0.6)
     database_cleaner (1.7.0)
@@ -109,10 +117,34 @@ GEM
     graphql (1.9.6)
     graphql-errors (0.3.0)
       graphql (>= 1.6.0, < 2)
+    haml (5.1.2)
+      temple (>= 0.8.0)
+      tilt
     i18n (1.8.5)
       concurrent-ruby (~> 1.0)
+    image_processing (1.11.0)
+      mini_magick (>= 4.9.5, < 5)
+      ruby-vips (>= 2.0.17, < 3)
+    jquery-rails (4.4.0)
+      rails-dom-testing (>= 1, < 3)
+      railties (>= 4.2.0)
+      thor (>= 0.14, < 2.0)
+    jquery-ui-rails (6.0.1)
+      railties (>= 3.2.16)
     json (2.3.1)
     jwt (2.2.1)
+    kaminari (1.2.1)
+      activesupport (>= 4.1.0)
+      kaminari-actionview (= 1.2.1)
+      kaminari-activerecord (= 1.2.1)
+      kaminari-core (= 1.2.1)
+    kaminari-actionview (1.2.1)
+      actionview
+      kaminari-core (= 1.2.1)
+    kaminari-activerecord (1.2.1)
+      activerecord
+      kaminari-core (= 1.2.1)
+    kaminari-core (1.2.1)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -126,10 +158,12 @@ GEM
       mimemagic (~> 0.3.2)
     method_source (1.0.0)
     mimemagic (0.3.5)
+    mini_magick (4.10.1)
     mini_mime (1.0.2)
     mini_portile2 (2.4.0)
     minitest (5.14.2)
     msgpack (1.3.0)
+    nested_form (0.3.2)
     nio4r (2.5.3)
     nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
@@ -145,6 +179,9 @@ GEM
     rack (2.2.3)
     rack-cors (1.0.5)
       rack (>= 1.6.0)
+    rack-pjax (1.1.0)
+      nokogiri (~> 1.5)
+      rack (>= 1.1)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails (6.0.3.3)
@@ -171,6 +208,18 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
+    rails_admin (2.0.2)
+      activemodel-serializers-xml (>= 1.0)
+      builder (~> 3.1)
+      haml (>= 4.0, < 6)
+      jquery-rails (>= 3.0, < 5)
+      jquery-ui-rails (>= 5.0, < 7)
+      kaminari (>= 0.14, < 2.0)
+      nested_form (~> 0.3)
+      rack-pjax (>= 0.7)
+      rails (>= 5.0, < 7)
+      remotipart (~> 1.3)
+      sassc-rails (>= 1.3, < 3)
     railties (6.0.3.3)
       actionpack (= 6.0.3.3)
       activesupport (= 6.0.3.3)
@@ -183,6 +232,7 @@ GEM
     rb-inotify (0.10.0)
       ffi (~> 1.0)
     regexp_parser (1.7.1)
+    remotipart (1.4.4)
     responders (3.0.0)
       actionpack (>= 5.0)
       railties (>= 5.0)
@@ -224,7 +274,17 @@ GEM
     rubocop-rspec (1.43.2)
       rubocop (~> 0.87)
     ruby-progressbar (1.10.1)
+    ruby-vips (2.0.17)
+      ffi (~> 1.9)
     ruby_dep (1.5.0)
+    sassc (2.4.0)
+      ffi (~> 1.9)
+    sassc-rails (2.1.2)
+      railties (>= 4.0.0)
+      sassc (>= 2.0)
+      sprockets (> 3.0)
+      sprockets-rails
+      tilt
     shoulda-matchers (4.0.0.rc1)
       activesupport (>= 4.2.0)
     simplecov (0.16.1)
@@ -248,8 +308,10 @@ GEM
       unicode-display_width (~> 1.5)
       unicode_utils (~> 1.4)
     strings-ansi (0.1.0)
+    temple (0.8.2)
     thor (0.20.3)
     thread_safe (0.3.6)
+    tilt (2.0.10)
     tty-color (0.5.0)
     tty-pager (0.12.1)
       strings (~> 0.1.4)
@@ -273,10 +335,12 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  annotate
   awesome_print
   bcrypt (~> 3.1.7)
   bootsnap (>= 1.1.0)
   byebug
+  cancancan
   database_cleaner (~> 1.6)
   devise
   dotenv-rails
@@ -285,12 +349,15 @@ DEPENDENCIES
   graphql
   graphql-auth!
   graphql-errors
+  image_processing (~> 1.2)
   listen (>= 3.0.5, < 3.2)
+  mini_magick
   pg
   puma (~> 3.12)
   rack-cors
   rails (~> 6.0.3)
   rails-controller-testing
+  rails_admin (~> 2.0.2)
   rspec-rails (~> 3.8)
   rubocop
   rubocop-performance

README.md

@@ -1,6 +1,6 @@
-# Rails 6 API-only boilerplate with devise & JWT & graphQL
+# Rails 6 boilerplate with devise, JWT, graphQL, CanCanCan and RailsAdmin.
 
-This is a boilerplate to build your next SaaS product. It's a RubyOnRails 6 API only backend with Authentication and GraphQL API. It works nicely together with clients made with **React.js & React.Native** or any other frontend which implements the [JSON Web Tokens](https://jwt.io/introduction/) philosophy. We have a demo frontend made with [gatsbyJS](https://www.gatsbyjs.org/) available here: <https://gatsby-redux.zauberware.com/>.
+This is a boilerplate to build your next SaaS product. It's a RubyOnRails 6 backend with Authentication and GraphQL API. It works nicely together with clients made with **React.js & React.Native** or any other frontend which implements the [JSON Web Tokens](https://jwt.io/introduction/) philosophy.
 
 ## Versions
 
@@ -9,6 +9,22 @@ This is a boilerplate to build your next SaaS product. It's a RubyOnRails 6 API
 - Rails version `6.0.X`
 - Postgresql Server as db connector
 
+## Dependencies
+This boilerplate works like a charm with the following gems:
+- pg
+- devise
+- graphql
+- graphql-auth
+- graphql-errors
+- rack-cors
+- rails_admin
+- cancancan
+- image_processing
+- mini_magick
+- puma
+- bootsnap
+
+
 ## Quick start
 
 [![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/zauberware/rails-devise-graphql)
@@ -60,7 +76,7 @@ Point the GraphQL IDE to `http://0.0.0.0:3000/graphql`
 The app uses a postgresql database. It implements the connector with the gem `pg`. The app already includes a `User` model with basic setup.
 
 ### 2. Authentication
-The app uses [devise](https://github.com/plataformatec/devise)'s logic for authentication. Emails are currently disabled in the environment settings.
+The app uses [devise](https://github.com/plataformatec/devise)'s logic for authentication. For graphQL API we use the JWT token, but to access the rails_admin backend we use standard devise views, but registration is excluded.
 
 ### 3. JSON Web Token
 [graphql-auth](https://github.com/o2web/graphql-auth) is a graphql/devise extension which uses JWT tokens for user authentication. It follows [secure by default](https://en.wikipedia.org/wiki/Secure_by_default) principle.
@@ -74,18 +90,47 @@ Protect your app and only allow specific domains to access your API. Set `CLIENT
 ### 6. App server
 The app uses [Puma](https://github.com/puma/puma) as the web serber. It is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications in development and production.
 
-### 7. Testing
+### 7. UUID
+The app uses UUID as ids for active record entries in the database. If you want to know more about using uuid instead of integers read this [article by pawelurbanek.com](https://pawelurbanek.com/uuid-order-rails).
+
+### 8. Automatic model annotation
+Annotates Rails/ActiveRecord Models, routes, fixtures, and others based on the database schema. See [annotate_models gem](https://github.com/ctran/annotate_models).
+
+### 9. Abilities with CanCanCan
+[CanCanCan](https://github.com/CanCanCommunity/cancancan) is an authorization library for Ruby and Ruby on Rails which restricts what resources a given user is allowed to access. We combine this gem with a `role` field defined on user model.
+
+### 10. Rails Admin
+To access the data of your application you can access the [rails_admin](https://github.com/sferik/rails_admin) dashboard under route `/admin`. It's currently only allowed for users with role superadmin.
+
+If you want to give your admin interface a custom branding you can override sass variables or write your own css under `app/assets/stylesheets/rails_admin/custom`.
+
+### 11. Testing
 
 We are using the wonderful framework [rspec](https://github.com/rspec/rspec). The testsuit also uses [factory_bot_rails](https://github.com/thoughtbot/factory_bot_rails) for fixtures.
 
 Run `rspec spec`
 
-### 8. Linter with Rubocop
+#### FactoryBot
+To create mock data in your tests we are using [factory_bot](https://github.com/thoughtbot/factory_bot). The gem is fixtures replacement with a straightforward definition syntax, support for multiple build strategies (saved instances, unsaved instances, attribute hashes, and stubbed objects), and support for multiple factories for the same class (user, admin_user, and so on), includéng factory inheritance.
+
+#### Faker
+Create fake data easily with [faker gem](https://github.com/faker-ruby/faker). Caution: The created data is not uniq by default.
+
+#### Shoulda Matchers
+[Shoulda Matchers](https://github.com/thoughtbot/shoulda-matchers) provides RSpec- and Minitest-compatible one-liners to test common Rails functionality that, if written by hand, would be much longer, more complex, and error-prone.
+
+#### Simplecov
+[SimpleCov](https://github.com/simplecov-ruby/simplecov) is a code coverage analysis tool for Ruby. It uses Ruby's built-in Coverage library to gather code coverage data, but makes processing its results much easier by providing a clean API to filter, group, merge, format, and display those results, giving you a complete code coverage suite that can be set up with just a couple lines of code.
+
+Access results with `$ open /coverage/index.html`.
+
+
+### 12. Linter with Rubocop
 
 We are using the wonderful [rubocop](https://github.com/rubocop-hq/rubocop-rails) to lint and autofix the code. Install the rubocop VSCode extension to get best experience during development.
 
 
-### 9. Deployment
+### 13. Deployment
 The project runs on every webhoster with ruby installed. The only dependency is a PostgreSQL database. Create a block `production:` in the`config/database.yml` for your connection.
 
 #### Heroku
@@ -102,17 +147,9 @@ If you want to use [bitbucket pipelines](https://bitbucket.org/product/de/featur
 
 Make sure to set ENV vars `$HEROKU_API_KEY` and `$HEROKU_APP_NAME` in bitbuckets pipeline settings. (Will appear after enabling pipelines for your project.)
 
-The pipeline has 2 environments: staging and production. Staging pipline is getting triggered in `develop` branch. Production uses all `release-*` branches.
-
-
-### 9. Frontend
-
-#### GatsbyJS
-
-If you need a frontend than have a look at this basic [Gatsby boilerplate](https://github.com/zauberware/gatsby-starter-redux-saas). A Gatsby Redux SaaS starter for your next SaaS product. Uses react-redux, apollo-client, magicsoup.io, styled-components, styled-system.
-
-![zauberware technologies](https://github.com/zauberware/gatsby-starter-redux-saas/raw/master/static/website-preview.jpg)
+The pipeline has 2 environments: staging and production. Staging pipline is getting triggered in `develop` branch. Production deploy triggered by `master` branch.
 
+It also triggers pipeline when opening a PR.
 
 ## What's missing?
 

app/assets/config/manifest.js

@@ -0,0 +1,3 @@
+//= link_tree ../images
+//= link_directory ../javascripts .js
+//= link_directory ../stylesheets .css

app/assets/images/logo.svg

@@ -0,0 +1,19 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require frontend/normalize
+ *= require frontend/util
+ *= require frontend/typo
+ *= require frontend/main
+ *= require frontend/auth
+ *= require_self
+ */

app/assets/javascripts/.keep

@@ -0,0 +1,26 @@
+//
+/* SETTINGS ===================================================== */
+/* Global variables, anything that is global for the project ==== */
+$color--border: rgb(203, 219, 238);
+
+$gray-base:              #080604;
+$gray-darker:            #221710; // #222
+$gray-dark:              #3f2b1e;   // #333
+$gray:                   #3d6372; // #555
+$gray-light:             #859fb8;   // #999
+$gray-lighter:           #eaeff5; // #eee
+
+$brand-info:            #80bcdc;  // default $brand-primary
+$brand-success:         #c9db8a;
+$brand-primary:         #0079ba;  // default $brand-info
+$brand-warning:         #e1c345;
+$brand-danger:          #e5734b;
+
+
+
+$font-family-sans-serif:  "Roboto",-apple-system,BlinkMacSystemFont,"Segoe UI","Helvetica Neue",Arial,sans-serif;
+$font-family-serif:       "Roboto Slab",-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif;
+//** Default monospace fonts for `<code>`, `<kbd>`, and `<pre>`.
+$font-family-monospace:   Menlo, Monaco, Consolas, "Courier New", monospace;
+$font-family-base:        $font-family-sans-serif;
+

app/assets/stylesheets/application.css

@@ -0,0 +1,13 @@
+@import "_vars";
+
+.authWrapper{
+  width: 100%;
+  max-width: 420px;
+  margin: 100px auto;
+  padding: 20px 30px;
+  border-radius: 6px;
+  background-color: white;
+  text-align: center;
+  border: 1px solid $color--border;
+  box-shadow: 1px 1px 3px rgba(0,0,0,.1);
+}