How do you manage Access Control?

I’m working on a rather large app, where we have more than 7 user
roles, each of which will have permission to access different parts of
the application.

Now the User/Admin system is falling short so I need to redefine the
access control system.

I am thinking of coding something like cakephp uses, with aro’s and
aco’s but is rather unmantainable to have a table with every single
possible route and grant access to roles.

what is the best way to manage access control? how do you do it?

Thank you.

Check out restful authentication plugin, and the role authentication
plugin that works as an addition

what is the best way to manage access control? how do you do it?

I don’t, but you could try one of these:

http://agilewebdevelopment.com/plugins/search?search=acl

max wrote:

I am actually using the restful_acl, and restul_authentication
plugins, but they are really falling short

Check out this tutorial on restful_authentication, maybe it could give
you some ideas on access control.

http://railsforum.com/viewtopic.php?id=14216

mike

I am actually using the restful_acl, and restul_authentication
plugins, but they are really falling short

I had similar requirements. I ended up creating a new model
“permited_actions” where I have a list of all controllers/actions. I
also created HABTM relationship between the roles and
permited_actions. Then assigned users to different roles. Finally,
added a before_filter on each controller to check_action_permission (I
put that method in application.rb)

On Sep 9, 12:49 pm, Michael Lavrisha <rails-mailing-l…@andreas-

tried this one?
http://agilewebdevelopment.com/plugins/show/807

On Sep 9, 12:56 pm, max [email protected] wrote:

I am actually using the restful_acl, and restul_authentication
plugins, but they are really falling short

May I ask how? Can I help?