Forum: Ruby on Rails Multi User System -- STI? Roles? Hmmm?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
03b5f4247bf3a72476cb7481572e70da?d=identicon&s=25 Mrkris Mrkris (mrkris)
on 2009-02-20 08:02
Ok, this is a tricky situation. I have a user system where a user might
be an admin, a director, an actor/actress, an extra, or a member At
first, STI sounded great, mainly because a member could just browse, a
directory and actor/actress has_many movies, and so on. Then I realized
that a director could also star in a movie, so, STI wouldn't work
because of the overlap.

I'm not sure what to do to build this cleanly, I mean, it'd be easy to
use STI so I can have model relationships based on type, but if you
can't share the models, what am I to do? Use a hacky implementation of
roles?

Thoughts? Suggestions?

Thanks!
80e4cb97cae5c8d745f72337d93fd8f2?d=identicon&s=25 MaD (Guest)
on 2009-02-20 08:16
(Received via mailing list)
STI?
  http://en.wikipedia.org/wiki/Sexually_transmitted_disease
  http://wiki.rubyonrails.org/rails/pages/singletabl...

why don't you just use a role-based authentication system? that way
your users may have many different roles. or do actors have different
attributes than directors?

it clearly depends on what your trying to achieve. the better the
infos you offer, the better the advice you might get.
03b5f4247bf3a72476cb7481572e70da?d=identicon&s=25 Mrkris Mrkris (mrkris)
on 2009-02-20 08:22
MaD wrote:
> STI?
>   http://en.wikipedia.org/wiki/Sexually_transmitted_disease
>   http://wiki.rubyonrails.org/rails/pages/singletabl...
>
> why don't you just use a role-based authentication system? that way
> your users may have many different roles. or do actors have different
> attributes than directors?
>
> it clearly depends on what your trying to achieve. the better the
> infos you offer, the better the advice you might get.

STDs lol. Simple example, a director can direct movies, a browsing
member can not. An actor can star in a movie, a browsing member can not.
80e4cb97cae5c8d745f72337d93fd8f2?d=identicon&s=25 MaD (Guest)
on 2009-02-20 08:48
(Received via mailing list)
well that's more or less a questions of rights. i guess you could
easily manage that with a role-based authentication system.
03b5f4247bf3a72476cb7481572e70da?d=identicon&s=25 Mrkris Mrkris (mrkris)
on 2009-02-20 08:51
MaD wrote:
> well that's more or less a questions of rights. i guess you could
> easily manage that with a role-based authentication system.

How would you cleanly define a relationship between a user and other
models based off a role?
8410e0ff69ecfd69cf89de4b42745201?d=identicon&s=25 Dave S (Guest)
on 2009-02-20 15:17
(Received via mailing list)
I've used restful_authentication and role_requirement for a similar
situation. It's easy to setup, and should allow you to do all the
stuff you want. As far as the associations you speak of, you probably
to setup some different find methods with_scope. Check out the
following links for more info...

http://github.com/timcharper/role_requirement
http://github.com/technoweenie/restful-authentication
http://api.rubyonrails.org/classes/ActiveRecord/Ba...

On Feb 20, 1:02 am, Mrkris Mrkris <rails-mailing-l...@andreas-s.net>
63b5df91b46e1d2f5ea290d0702b3a58?d=identicon&s=25 Nu2Rails (Guest)
on 2009-02-20 15:20
(Received via mailing list)
Well it sounds like you just answered your question. You should
associate your other models to your user but the limit their access to
it with the permissions that are associated to the roles that they
have. Take a look at something like role_requirement. A user can have
more than one role. IE; One user could be an actor, director, and an
extra while another director isn't an actor but is an extra... I hope
this makes some sense... It's early for me.

On Feb 20, 2:51 am, Mrkris Mrkris <rails-mailing-l...@andreas-s.net>
03b5f4247bf3a72476cb7481572e70da?d=identicon&s=25 Mrkris Mrkris (mrkris)
on 2009-02-20 18:13
Dave S wrote:
> I've used restful_authentication and role_requirement for a similar
> situation. It's easy to setup, and should allow you to do all the
> stuff you want. As far as the associations you speak of, you probably
> to setup some different find methods with_scope. Check out the
> following links for more info...
>
> http://github.com/timcharper/role_requirement
> http://github.com/technoweenie/restful-authentication
> http://api.rubyonrails.org/classes/ActiveRecord/Ba...
>
> On Feb 20, 1:02�am, Mrkris Mrkris <rails-mailing-l...@andreas-s.net>

Yeah, I love role_requirement, been using it for a while. I guess I'll
just stick with it instead of STI.
6883e5ef03484d4fcef507d7b4f1d243?d=identicon&s=25 Matt Jones (Guest)
on 2009-02-20 21:25
(Received via mailing list)
I've run into this situation - recently had a client that stated
during the
initial development that 'Users can only ever have one role'. So I
used
STI for all the user types; in addition to permission differences,
each
role had different associations and sitewide navigation.

THEN, the client says, "Well, some people can be more than one
thing"...

I ended up using a hackish solution where users get stored with their
role
as part of their email; ie a user with multiple roles would have two
records in
the DB:

- bob+admin@example.com
- bob+candidate@example.com

Then the login screen and the user models were tweaked so that
bob@example.com
has a consistent set of profile details and password hash/salt, and
could log in
as just bob@example.com.

Finally, I added a role select screen so that, in this example, bob
could switch between
admin and candidate.

I'm not suggesting that this is the best solution, merely a possible
one. It was good
for my app because the different user types see totally different
navigation structures.

--Matt Jones


On Feb 20, 12:13 pm, Mrkris Mrkris <rails-mailing-l...@andreas-s.net>
280b78a61a968391b7e07e912be102a8?d=identicon&s=25 Robert Walker (robert4723)
on 2009-02-21 06:15
Mrkris Mrkris wrote:
> Yeah, I love role_requirement, been using it for a while. I guess I'll
> just stick with it instead of STI.

You might, as an alternative, take a look at Lockdown:
http://atlrug.org/stonean/posts/96-Lockdown

I have not tried this yet myself, but what I saw of Lockdown at this
months Atlanta Ruby User's Group (ATLRUG). Looked pretty interesting.
Maybe it will help.
This topic is locked and can not be replied to.