0

I'm desperate. I've read and tried many things with rails. The problem isn't that "big", it is just that I'm still getting used to the convention over conf world. Lack of examples, too.

I just want to be able to have a site where you have roles (think admin, normal user, etc) and each of these can view,say, posts, articles. However, the admin obviously has access to update/delete posts,articles. Users only post, things like that.

I can create the authentications, sessions, and all. But I don't know how to present (or refactor) code. Where does the code for the admin go? views?, what about for users?

Would I need to create controllers specifically for admins, and users, others, in order to display the same model objects (articles, posts) that I'll be dealing with? including views?

Thanks

Improve this question

3 Answers 3

Reset to default
1

There's a free Railscast that may help you with this called "Authorization with CanCan".

If you feel like parting with some money, Rails 3 in Action also covers this sort of thing in Chapters 6 and 7.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Hi Ryan, it seems that everyone suggests using plugins. I don't want to use those for now, mainly because they work but I have no idea how does it work internally (and this is what I want to learn)
For example, with cancan, it seems that somehow the ability class seems to be created and all automatically. How can I accomplish this? how can I create a class and let rails start it for me? and use it throughout my controllers?
0

First, watch this screencast: Where administration goes.

Second, watch this one: Restricting Access.

Then this one: Super Simple Authentication.

This should clear up your confusion and help you wrap your mind around "The Rails Way" of doing authentication and administration.

Once your immediate crisis is over, I would STRONGLY recommend you pick up a copy of "Beginning Rails 3". The kind of frustration you're experiencing is normal: when you come from the world of basic HTML plus scripting (javascript and php most likely) it's really hard to "get" the big idea that a framework imposes on your design.

Beginning Rails 3 takes about 2-3 days to work completely through, front to back. When you're done you'll TRULY understand Rails and your work will feel like FUN, not frustration. It's really, really, really, really worth it to take the time to read the book. 2-3 days with the book will save you 2-3 months of mediocre coding and learning by trial and error.

Improve this answer

Comments

0

There are lots of examples available. One of the best sources of information is Railscasts. You will find many screencasts on authentication (including the most recent (#250), as chance would have it). You will also find them on authorization, which is the role-based mechanism you describe.

Here's a pretty thorough comparison of many authorization plugins: http://steffenbartsch.com/blog/2008/08/rails-authorization-plugins/

I would also look into cancan (railscast), which is newer than that list and highly regarded.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.