Forum: Ruby on Rails Roles|Rights|Authorization

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Ee7be48e775d357de69db2754a377160?d=identicon&s=25 Cory (Guest)
on 2007-02-10 23:47
Alright - the application I'm working on has a few different types of
users: directors, performers, watchers, uberusers.

Right now - I'm using single table inheritance to handle all types of
users and I'm able to use model objects in the core (which is
nice)...Director.find(:all), Performer.find(:all), etc.

Here's the rub: I want to be able to authorize certain actions based on
user type.

I've seen Chad Fowler's model for users|roles|rights, but he has the
good fortune of having a roles_users table and a roles_rights table.  In
this case, I don't want to really introduce a 'roles' table because then
I lose the convenience of the single table inheritance (assuming I
remove 'type' from my table and cook up one table for each type of user
- ewww - and rely on roles_users); or I end up duplicating concepts.

So - I'm wondering if anyone has cooked up any authorization schemes
based on 'type' in a single table inheritance model.
This topic is locked and can not be replied to.