Authentication for 2 models


#1

I’ve got 2 models: School and Student

I’m using restful authentication for school so when someone signs up
they are routed to schools/new
The schools table has info for an admin, but I also need
authentication for students. Here is what I was thinking would be the
best way to do this:

#1 Combine admin and students into User model and have an admin?
boolean column. So schools would be info about the school, with no
admin info.

#2 When logging in, if the user is a student they would check the
student checkbox so the query can be against students, rather than
schools. I believe this is basically like having 2 authentication
systems which seems kind of complicated.

Which way would you guys do this?


#2

jko170 wrote:

I’ve got 2 models: School and Student

I’m using restful authentication for school so when someone signs up
they are routed to schools/new
The schools table has info for an admin, but I also need
authentication for students. Here is what I was thinking would be the
best way to do this:

#1 Combine admin and students into User model and have an admin?
boolean column. So schools would be info about the school, with no
admin info.

#2 When logging in, if the user is a student they would check the
student checkbox so the query can be against students, rather than
schools. I believe this is basically like having 2 authentication
systems which seems kind of complicated.

Which way would you guys do this?

The best way i would suggest you is to identify all the entities for
your requirement. Looks like you may need staff model, again teaching
and non-teaching staffs.

For now with the above two models, instead of using a boolean column, by
default have an entry in your Student tables with id = 0, that
represents the admin. Any data retrieval will be > 0 “where clause”.


#3

Here’s an approach I’ve used before… you have a user model and a
role
model and then you link the two.

class Role < ActiveRecord::Base
has_and_belongs_to_many :users
end

class User < ActiveRecord::Base

has_and_belongs_to_many :roles

def has_role(role)
self.roles.detect(|r| r.name == role}
end

def is_student?
self.has_role?(“student”)
end

def is_admin?
self.has_role?(“admin”)
end

end

Role.create :name=>“admin”
Role.create :name=>“student”

user = User.create :last_name=>“Simpson”, :first_name=>“Homer”,
:password=>“1234”, :password_confirmation=>“1234”, :email=>"
removed_email_address@domain.invalid", :login=>“homer”

user.roles << Role.find_by_name “admin”
user.roles << Role.find_by_name “student”

Makes it really easy then, cos in your views, if you use restful_auth or
acts_as_authenticated, your current_user will have a .is_admin? on it.

<% if current_user.is_admin? %>
… show stuff for admins

<% end %>

Hope that helps.

-Brian


#4

I’ll give this a try, thanks a lot!