CARVIEW

MOTORHOMES

Select Language

HTTP/2 302 server: nginx date: Wed, 24 Dec 2025 07:50:40 GMT content-type: text/plain; charset=utf-8 content-length: 0 x-archive-redirect-reason: found capture at 20091123230130 location: https://web.archive.org/web/20091123230130/https://wiki.github.com/ryanb/cancan/separate-role-model server-timing: captures_list;dur=0.656827, exclusion.robots;dur=0.072626, exclusion.robots.policy;dur=0.060725, esindex;dur=0.009721, cdx.remote;dur=8.372866, LoadShardBlock;dur=196.517468, PetaboxLoader3.datanode;dur=69.719985, PetaboxLoader3.resolve;dur=61.547431 x-app-server: wwwb-app223-dc8 x-ts: 302 x-tr: 226 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 set-cookie: wb-p-SERVER=wwwb-app223; path=/ x-location: All x-as: 14061 x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() HTTP/2 200 server: nginx date: Wed, 24 Dec 2025 07:50:40 GMT content-type: text/html x-archive-orig-server: nginx/0.7.61 x-archive-orig-date: Mon, 23 Nov 2009 23:01:29 GMT x-archive-orig-connection: close x-archive-guessed-content-type: text/html x-archive-guessed-charset: utf-8 memento-datetime: Mon, 23 Nov 2009 23:01:30 GMT link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate" content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org x-archive-src: 52_12_20091123201817_crawl103-c/52_12_20091123230000_crawl101.arc.gz server-timing: captures_list;dur=0.596629, exclusion.robots;dur=0.021490, exclusion.robots.policy;dur=0.009881, esindex;dur=0.010436, cdx.remote;dur=14.059906, LoadShardBlock;dur=262.390252, PetaboxLoader3.datanode;dur=261.935306, PetaboxLoader3.resolve;dur=68.017473, load_resource;dur=114.754347 x-app-server: wwwb-app223-dc8 x-ts: 200 x-tr: 452 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 x-location: All x-as: 14061 x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() content-encoding: gzip Separate Role Model - cancan - GitHub

ryanb / cancan

190

Description:

Simple authorization for Rails.

Home | Edit | New

Separate Role Model

If you are defining a user’s roles in Ruby then I don’t recommend using a separate role model and table. See Role Based Authorization for my recommend way.

But in case a separate model is the best solution for you, here I show how to set up a many-to-many association between User and Role. The join model is called Assignment.

class User < ActiveRecord::Base
  has_many :assignments
  has_many :roles, :through => :assignments
end
class Assignment < ActiveRecord::Base
  belongs_to :user
  belongs_to :role
end
class Role < ActiveRecord::Base
  has_many :assignments
  has_many :users, :through => :assignments
end

You can assign roles using checkboxes when creating or updating a user model.

<% for role in Role.all %>
<div>
  <%= check_box_tag "user[role_ids][]", role.id, @user.roles.include?(role) %>
  <%=h role.name %>
</div>
<% end %>
<%= hidden_field_tag "user[role_ids][]", "" %>

Or you may want to use Formtastic for this.

Next you need to determine if a user is in a specific role. You can create a method in the User model for this.

# in models/user.rb
def has_role?(role_sym)
  roles.any? { |r| r.name.underscore.to_sym == role_sym }
end

And then you can use this in your Ability.

# in models/ability.rb
def initialize(user)
  user ||= User.new # in case of guest
  if user.has_role? :admin
    can :manage, :all
  else
    can :read, :all
  end
end

That’s it!

Last edited by ryanb, Wed Nov 18 16:12:21 -0800 2009

Home | Edit | New

Versions:

Original Source | Taken Source

Separate Role Model

Pages