Ok, this is a tricky situation. I have a user system where a user might
be an admin, a director, an actor/actress, an extra, or a member At
first, STI sounded great, mainly because a member could just browse, a
directory and actor/actress has_many movies, and so on. Then I realized
that a director could also star in a movie, so, STI wouldn’t work
because of the overlap.
I’m not sure what to do to build this cleanly, I mean, it’d be easy to
use STI so I can have model relationships based on type, but if you
can’t share the models, what am I to do? Use a hacky implementation of
roles?
why don’t you just use a role-based authentication system? that way
your users may have many different roles. or do actors have different
attributes than directors?
it clearly depends on what your trying to achieve. the better the
infos you offer, the better the advice you might get.
why don’t you just use a role-based authentication system? that way
your users may have many different roles. or do actors have different
attributes than directors?
it clearly depends on what your trying to achieve. the better the
infos you offer, the better the advice you might get.
STDs lol. Simple example, a director can direct movies, a browsing
member can not. An actor can star in a movie, a browsing member can not.
I’ve used restful_authentication and role_requirement for a similar
situation. It’s easy to setup, and should allow you to do all the
stuff you want. As far as the associations you speak of, you probably
to setup some different find methods with_scope. Check out the
following links for more info…
I’ve used restful_authentication and role_requirement for a similar
situation. It’s easy to setup, and should allow you to do all the
stuff you want. As far as the associations you speak of, you probably
to setup some different find methods with_scope. Check out the
following links for more info…
Well it sounds like you just answered your question. You should
associate your other models to your user but the limit their access to
it with the permissions that are associated to the roles that they
have. Take a look at something like role_requirement. A user can have
more than one role. IE; One user could be an actor, director, and an
extra while another director isn’t an actor but is an extra… I hope
this makes some sense… It’s early for me.
I’ve run into this situation - recently had a client that stated
during the
initial development that ‘Users can only ever have one role’. So I
used
STI for all the user types; in addition to permission differences,
each
role had different associations and sitewide navigation.
THEN, the client says, “Well, some people can be more than one
thing”…
I ended up using a hackish solution where users get stored with their
role
as part of their email; ie a user with multiple roles would have two
records in
the DB:
Then the login screen and the user models were tweaked so that [email protected]
has a consistent set of profile details and password hash/salt, and
could log in
as just [email protected].
Finally, I added a role select screen so that, in this example, bob
could switch between
admin and candidate.
I’m not suggesting that this is the best solution, merely a possible
one. It was good
for my app because the different user types see totally different
navigation structures.
I have not tried this yet myself, but what I saw of Lockdown at this
months Atlanta Ruby U.'s Group (ATLRUG). Looked pretty interesting.
Maybe it will help.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.