Rails Team specific content?

Question

Hi Everyone,

I have made a fairly simple app, which can be found on GitHub called BaseApp2.

It's basically a starter application for future apps that I make to save me redoing the same parts over and over again. It's not advanced, but it serves its purpose for me.

At the moment any information that's entered into the database is either done by an user or an administrator user. That's the limit of my ability!

I would really like to add the ability of each user and administrator is part of a team or company. So each team/company would have one administrator (account owner if you like) and a number of users. The administrator could only edit users under their team/company name. Each team/company would only see data entered by their team/company.

Any ideas or pointers where I need to start with this kind of thing?

Thanks,

Danny

Answer 1

Your post is pretty vague, but based on what you said I'd create a model for Company that has_many users.

Making sure that each user could only see data from their company would be as simple as limiting the data results to that company. Your index could look like:

 before_filter :current_company
    def index
      @data = @current_company.data.find(:all)
      respond_to do |format|
         format.html
      end
    end

Limiting admin abilities to their own companies could be done with:

@data = @current_user.company.data.find(params[:id])

This prevents them from editing anything outside their company because if they try it'll just return a record not found error. Note that this could be cleaner, but you get the idea.

This railscast on subdomains will probably point you in the right direction: http://railscasts.com/episodes/123-subdomains (I like using subdomains because it feels cleaner to me, but it's not necessary and you can still use most of the rest)