Hello,

I am new to Rails and wanted to ask some of the veterans here what
they recommend for Role based permissions. I am working on an
application that has users and those users can have multiple roles.
Based on a user's role various things are available/unavailable for
them to do. This access would be controlled at the controller, view
and model level at various points in the application. I would have a
screen in the admin section where I can view a person's roles, add or
remove roles, etc. Nothing real complicated.


Todd

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.


  • Dave Aronson at Jan 12, 2012 at 6:36 pm

    On Thu, Jan 12, 2012 at 12:29, tmueller wrote:

    > I am new to Rails and wanted to ask some of the veterans here what
    > they recommend for Role based permissions.

    It depends on a number of factors. If this is a "real thing" for
    work, or that you intend to put out for public use, definitely just go
    with CanCan. (Or possibly one of the alternatives. CanCan does seem
    to be the most popular though.)

    On the other claw, if you're just playing, do it with CanCan (or,
    again, some alternative) the *first* time. That way, you get the idea
    how that sort of thing generally works. *After* that, though, it can
    be quite a good learning experience to try to duplicate the
    functionality yourself. Meanwhile, having learned CanCan can't hurt
    either. :-) You could separate the authorization checks into some
    wrapper class that would, under the hood, initially call CanCan, but
    then you can remove CanCan (kick the CanCan?), and see what you have
    to do to make the app work again. I suggest having particularly good
    test coverage in that piece, so you know you've got it working right.

    -Dave

    --
    Dave Aronson, President, Dave Aronson Software Engineering and Training
    Ruby on Rails Freelancing (Northern Virginia, Washington DC, or Remote)
    DaveAronson.com, Codosaur.us, Dare2XL.com, & RecruitingRants.com (NEW!)
    Specialization is for insects. (Heinlein) - Have Pun, Will Babble! (me)

  • Tmueller at Jan 12, 2012 at 6:57 pm
    Hi Dave,

    Thanks for the quick reply. I'll give CanCan a go as from what I've
    read it should cover most everything I need for role auth.



    Todd
  • Djangst at Jan 12, 2012 at 7:00 pm
    http://asciicasts.com/episodes/192-authorization-with-cancan
  • Michael Pavling at Jan 12, 2012 at 8:51 pm

    On 12 January 2012 17:29, tmueller wrote:
    > I am new to Rails and wanted to ask some of the veterans here what
    > they recommend for Role based permissions.

    If it's a terribly simple permissions model, you can roll your own
    with a small piece of code like this:
    http://erniemiller.org/2008/09/30/easy-role-based-authorization/

    ...I've used tweaked versions of this in the past.

    But if you plan any kind of scaling up, it would probably be best to
    stick to a tried and tested public gem.

    Regards,
    Michael

  • Don at Jan 13, 2012 at 4:48 pm
    I'm fairly new to the Rails community and recently faced a similar
    situation. First from what you describe, CanCan will most certainly
    provide the functionality you desire.

    Secondly, there is a nice screencast at Railscasts.com that provides a good
    introduction, however some of the processes in the screencast have been
    updated/modified in more recent versions of the gem, so be sure to go by
    the GitHub documentation vs. the example in the screencast.

    Thirdly, I would describe the learning curve for the CanCan gem as
    moderate. I have a fairly complex use case and my CanCan Abilities class
    has gotten a little large. However, I've been amazed that each time I
    initially thought CanCan was in error, when I worked it through, CanCan was
    accurate. Also, I was worried about a performance hit, but so far have not
    seen anything that indicates CanCan will not scale.

    Highly recommended gem from my standpoint.

  • Tmueller at Jan 14, 2012 at 12:08 am
    Hi Don,

    Thanks for the write-up on CanCan. I'm currently trying out
    declarative_authorization as I want to have the role info be
    accessible in my models.
  • Santosh c at Jan 14, 2012 at 8:20 pm
    Hi,
    My app is Ruby based but I am not using Rails. Can I still use CanCan?

  • Don at Jan 15, 2012 at 4:43 am
    CanCan is Rails specific - the docs on GitHub clearly state it is for Ruby
    on Rails. From my limited experience, CanCan requires gems that are Rails
    specific and relies on many aspects of Rails' MVC structure. I estimate it
    would be a big job to rework CanCan to be not dependent on Rails plug-ins
    and work with whatever MVC structure (if any) you have in your app. It
    would most likely be easier to roll your own.


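A sketch of the roll-your-own route raised in this thread (the wrapper class Dave describes and Don's suggestion for apps that are not on Rails), added here as an example; it is not code from CanCan, declarative_authorization or any poster. The `User`, `Post`, `Authorizer` and `AccessDenied` names and the rule table are hypothetical, and the wrapper denies by default so that a missing rule or unknown role never grants access.

```ruby
require "set"

# Constructed sample types: role names, actions and resources are hypothetical.
User = Struct.new(:id, :roles)
Post = Struct.new(:id, :author_id)

class AccessDenied < StandardError; end

# Single place the application asks "may this user do this?".
# Callers depend only on can?/authorize!, so the backing engine
# (a gem or this hand-rolled table) can be swapped without touching them.
class Authorizer
  # role => { [action, resource class] => condition }
  # A condition of true always allows; a lambda decides per record.
  RULES = {
    admin:  { [:manage, Post] => true },
    editor: { [:read, Post] => true, [:update, Post] => true },
    author: { [:read, Post] => true,
              [:update, Post] => ->(user, post) { post.author_id == user.id } }
  }.freeze

  def initialize(user)
    @user = user
    # Unknown role names are dropped, so they can never grant anything.
    @roles = Set.new(Array(user&.roles).map(&:to_sym)) & RULES.keys
  end

  # Deny by default: only an explicit matching rule returns true.
  def can?(action, record)
    @roles.any? do |role|
      rules = RULES.fetch(role)
      cond = rules[[action, record.class]] || rules[[:manage, record.class]]
      cond.respond_to?(:call) ? cond.call(@user, record) == true : cond == true
    end
  end

  # Use at controller/model boundaries; raises instead of returning false.
  def authorize!(action, record)
    return true if can?(action, record)
    raise AccessDenied, "#{action} denied on #{record.class} #{record.id}"
  end
end
```

The denial cases (unknown role, no user, action with no rule, someone else's record) are the ones worth covering in tests before swapping the engine behind the wrapper.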
  • Don at Jan 15, 2012 at 4:47 am
    Yes, CanCan is very "controller" centric. Sounds like the
    declarative_authorization gem allows one to follow the "skinny controllers,
    fat models" design mantra. I'll have to check it out.

