Authorization in rails4+

Question

I have a User table where i store user information and i have a Role table where i store the roles. The associations of the tables is : User can have just one role, and roles can have more than one User. I have my controller where i have actions like "create, new, update, delete". I want to use authorization for these actions. For example admin can do everything, a simple user can just read etc. Im very new in RoR, can somebody tell me how to permit/restrict access to specific pages/actions based in roles.

Thanks in advance

possible duplicate of [Rails 4 authorization gem](http://stackoverflow.com/questions/20299354/rails-4-authorization-gem) — Brad Werth, Sep 03 '15 at 22:50
Im trying to use one of them, but it stops all the applications, they are so messed up. I was wondering if there is a method with queries or something. — ILLYRIUM, Sep 04 '15 at 09:44

Andy Barron · Answer 1 · 2015-09-03T22:57:53.830

-1

The CanCanCan gem is designed for this task.

I would also recommend considering the gem Devise for user authentication, rather than rolling your own solution.

edited Sep 03 '15 at 22:57

answered Sep 03 '15 at 22:52

Andy Barron

246
2
9

Authorization in rails4+

1 Answers1