I’ve worked through some rails tutorials and am trying to create
something a little more complicated for learning purposes. I’m trying
to extend a blog application into more of a cms with a basic user/
group permission system.
Basically, I have Users, Articles and Groups. Users can have a role
of either: Author or Viewer. Some articles are private and some are
public. For private articles, I’d like to have a system where an
article can be permissioned to either a group or to an individual user
or even both.
When a website visitor tries to access an article AND the article is
‘Private’, I’d like for the system to prompt the visitor to login.
Once logged in, I want the system to then check if this user has
permission to view the article. Permission being defined as: if this
user is either in a group that has permission to the article OR the
user himself has explicit permission to that article.
Here’s what I currently have - does this make sense? I’m mostly
struggling with the Article_Private_Access model and whether this is a
role (role is either ‘Author’ or ‘Viewer’)
access_type (‘Private’ or ‘Public’)
Article_Private_Access (** this serves to link Articles with
permissioned Users or Groups)
access_type (‘Group’ or ‘User’)
access_id (this id would point to either a User record, or a
I’m just not sure whether to use the Article_Private_Access table and/
or how to model it. I was thinking this table would contain a list of
Users and/or Groups that had access to a particular Article. But I’m
a bit lost now…
Any help would be greatly appreciated.