How to implement user role with user panel


I’m currently try to develop my first web application in Ruby on Rails

I made a user model with a “role” integer in the database to determine
if a

  • Guest
  • Editor
  • Administrator

I’m using an enum in the model to manage roles availables.

I don’t know if it is a good choise ?

Like a CMS, my application manage articles.

  • A Guest user can see some private articles and
    post comments like in a blog.
  • An editor is like a guest user but can write articles.
  • Administrator can write article and can manage users, attribute

I would like an admin panel only for admin users.
I thought to implement that with an admin namespace and specifics
controllers for
admin actions, in this namespace.

About Editor and Guest, I don’t know it I should also create differents
namespaces ?

Is this practise is a good choise to be conform with Rails principles
REST full) ?

I would like to know what would be the bests practise in Rails way to
implement that.
Your tips or recommendations are welcome :wink: ! I would like to learn the
best pratices in
Ruby on Rails !

You should probably use Devise & Cancan.

They’re pretty easy to use and very powerful.


Thank you for your answer, Cody S…

Sure, it is possible to use gems but I would like to do it myself from
scratch because
I think this is a good training to learn good practise in Rails.

Le vendredi 29 mai 2015 15:13:11 UTC+2, Cody S. a écrit :

I’d also recommend looking the catalog of gems on this website (or

If you don’t you might be facepalming yourself few times.

So there was a Railscast that did an authentication system from scratch,
and for a simple use case you can easily check if a user has a certain
in a before_filter / before_action, but admittedly the gems are well
tested, and peer reviewed, so is probably the best way to go. If you are
using the latest Rails (which you should be), then either use cancancan
cancan only works on rails 3), but I now prefer pundit for larger
as cancan(can) centralizes everything in one ‘Ability’ class, while
takes the modular approach by specifying the policies on a per model /
class basis which makes them easier to test in isolation, and scales

On 4 June 2015 at 17:38, [email protected] wrote:

Your tips or recommendations are welcome :wink: ! I would like to learn the
best pratices in
Ruby on Rails !

The best practice is to use good gems when they are available. Spend
your time developing the bits specific to your application. By all
means, as a learning exercise, look at the source code of gems to see
how they work.

Have you already worked right through a good tutorial such as (which is free to use online)?