TechQA.

Does the Pundit or CanCan gem allow for user-by-user, controller-by-controller permissions?

380 views Asked by At

I have an admin section on my site with links to 30 something features. We want to have it so that each customer service reps will be given access to these pages on a very granular, individual level (i.e. Joe will be given access to page A and B, but not C; Mary is given access to A and C, but not B).

Is Pundit or CanCan made to work like that or would I be better off creating a Permission model that relates to a User with a boolean column for each admin feature? I was hoping to avoid that as I could see it getting out of hand quick.

ruby-on-rails ruby cancan pundit
Original Q&A
1

There are 1 answers

1
coreyward On

Rather than creating a column for each feature, you can use a single integer column and utilize a bit mask to store N boolean values. There are ruby libraries that will do this for you, like Bitfields, if desired.

Another approach is to create a join table (habtm relationship) between admins and features (you would add features as a db-backed model if they aren't already), then granting permission is as easy as adding a row to the join table. Here's an example:

class User < ApplicationRecord
  has_and_belongs_to_many :features
end

class Feature < ApplicationRecord
  has_and_belongs_to_many :users
end

# authorization
def authorized?(current_user, requested_feature)
  current_user.features.where(id: requested_feature.id).exists?
end

Related Questions in RUBY-ON-RAILS

Related Questions in RUBY

Related Questions in CANCAN

Related Questions in PUNDIT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions