frontcodelover

Reputation: 337

Getting started with authorization or role based privileges in Ruby on Rails.

I have had big questions for a week now. I have 3 different types of users:

  1. Admin
  2. Editor (need admin validation to write or create on database)
  3. Simple user (with basic functions like comment, add favorite...)

For the moment I have just installed the devise gem (and it's magic).

So for you, what is the best practice for handling my different users with different privileges? A simple boolean (user, admin, editor)? Do I need to attribute a specific post to an Editor with user_id, for example? Do you know a gem that can help to do that? Do you think it's possible to build an admin validation system before inserting into the DB? How can I make a pending list for Editor posts?

That's a lot of noob questions for sure, but I'm lost at the moment, so if you can help me, please :)

Thanks

Upvotes: 2

Views: 1128

Answers (2)

sump

Reputation: 506

I find cancan to be a bit of a headache and prefer using a polymorphic association.

User is your top level model with "profiles" of

  1. Admin
  2. Editor
  3. Simple User

Your User model can contain fields called "profile_id" and "profile_type".

For example:

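```ruby
# users table carries profile_id and profile_type for the polymorphic link
class User < ActiveRecord::Base
  belongs_to :profile, polymorphic: true
end

# One profile model per role; Editor and the simple user follow the same pattern
class Admin < ActiveRecord::Base
  has_one :user, as: :profile, dependent: :destroy
end
```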

This works nicely too when your different "profiles" have different database fields. You can also just use Single Table Inheritance.

Edit:

In your user model:

```ruby
# True only when the polymorphic profile is an Admin; nil profile_type is false
def admin?
  profile_type.to_s.downcase == "admin"
end
```

Then you can use the helper current_user.admin?

The same can be done for the remaining types.

Upvotes: 1
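An added example (not part of the answer above, and not code from any gem) that carries the `profile_type` predicates through to the pending list and admin validation asked about in the question, going beyond the answer itself. It is plain Ruby with Structs standing in for the ActiveRecord models; `Post#status`, `Policy` and `NotAuthorized` are assumed names.

```ruby
# Added example: Structs stand in for the ActiveRecord models.
# Post#status, Policy and NotAuthorized are assumed names, not from the page.
class NotAuthorized < StandardError; end

User = Struct.new(:id, :profile_type) do
  # Role predicates derived from profile_type; nil never matches a role.
  %w[admin editor].each do |role|
    define_method("#{role}?") { profile_type.to_s.downcase == role }
  end
end

Post = Struct.new(:id, :user_id, :status)

module Policy
  # Deny by default: anything not explicitly allowed below returns false.
  def self.can?(user, action, post = nil)
    return false if user.nil?
    return true if user.admin?
    return user.editor? if action == :create
    return false if post.nil?

    case action
    when :read               then post.status == :published || owns?(user, post)
    when :comment, :favorite then post.status == :published
    when :update             then user.editor? && owns?(user, post) && post.status == :pending
    else false # :approve, :destroy and unknown actions stay admin-only
    end
  end

  def self.owns?(user, post)
    post.user_id == user.id
  end

  # Status is decided here, never taken from request params.
  def self.create_post(user, id)
    raise NotAuthorized unless can?(user, :create)
    Post.new(id, user.id, user.admin? ? :published : :pending)
  end

  def self.approve(user, post)
    raise NotAuthorized unless can?(user, :approve, post)
    post.status = :published
    post
  end

  # The admin's review queue.
  def self.pending(posts)
    posts.select { |p| p.status == :pending }
  end
end
```

In a Rails app the same checks would run in the controller on every request, since hiding a button in the view does not stop a crafted request.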

Shaunak

Reputation: 18056

Because this is a generic question without a code example, I am going to suggest a general approach when beginning to solve this problem.

What you need is the cancancan gem:

github.com/CanCanCommunity/cancancan.

The gem provides an "authorization" framework and capabilities that can be easily used in the Rails framework.

The original gem, cancan, was written by Ryan Bates as well. Here's a great video that explains it:

railscasts.com/episodes/192-authorization-with-cancan

Also, if you are a Rails beginner, I would suggest not using "devise magic" without understanding how it works. A good start is to try authentication from scratch, as explained quite simply by Ryan Bates here:

railscasts.com/episodes/250-authentication-from-scratch

It will make understanding cancancan easier.

Upvotes: 2
