tags:

views:

96

answers:

2
Q: 

Rails - Roles or Inheritance?

I began writing an app using declarative_authorization (http://github.com/stffn/declarative%5Fauthorization) but I'm now wondering if it's the correct approach.

In my app, I was giving some Users a "customer" role, some an "administrator" role, and some a "superadmin" role. That was working fine, but I now realise that I need some fields on the models which are specific to the "customer"

Superadmin = administrator editor

Admin = customer editor

Customer = has extra attributes like "avatar"

At this point I began creating a Customer model which inherited from User. However in that case, Customers would always have the "customer" role and only customers would have that role. That seemed a bit strange.

I guess I'm looking for a bit of guidance for this scenario.

A: 

Could you further elaborate on the emergent differences between the administrator and user roles?

Edit per your update: Personally I don't think a customer role is necessary per se, unless there is a lesser privileged category of authenticated user. I would just require a logged in user for any actions you wouldn't want a guest to perform, and require admin/superuser roles for any actions you didn't want regular users to perform. I think that getting into multiple models or even STI is unnecessary.

If there is a special case specific to your app that I'm missing out on, please let me know! ;)

Steve Graham  2009-12-08 01:50:09
You're suggesting that maybe an administrator is just a standard user? In the real app, there's actually a third level - a superadmin, which is allowed to edit administrators. Superadmin = administrator editorAdmin = customer editorCustomer = has extra attributes like "avatar"
colinramsay  2009-12-08 01:52:14
Edited the original question to include this information.
colinramsay  2009-12-08 01:54:50
A: 

I rolled my own solution to this which I detailed in http://colinramsay.co.uk/diary/2010/02/24/rails-has_one-am-i-missing-something/

colinramsay  2010-03-10 11:33:50

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.