Rails 3 in Action

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

No credit card required

Chapter 8. More authorization

This chapter covers

Expanding with a more advanced system
Setting permissions to control user actions
Implementing a seed of data for the app

At the end of chapter 7, you learned a basic form of authorization based on a boolean field on the users table called admin. If this field is set to true, identifying admin users, those users can access the CRUD functions of the Project resource as well as an admin namespace where they can perform CRUD on the User resource.

In this chapter, we expand on authorization options by implementing a broader authorization system using a Permission model. The records for this model’s table define the actions specified users can take on objects from your system, such as projects. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Chapter 8. More authorization

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.