Dynamic roles and permissions using cancan

Josh Software - Where Programming is an Art!

Most of us already use cancan for authorization, where we define the Role Based Access (RBAC) to various models in the Ability class. However, any changes to these abilities, requires code changes to the Ability class and restarting the application for the changes to take effect.

What if we could assign these permissions dynamically? That would be great, wouldn’t it. This is how we manage roles and permissions dynamically. Some initial thoughts were picked up from here

This approach is based primarily on authorization for the controller actions.

Let’s consider an example. We will add the models as they are required. Right now the basic application has models User, Role and Permission. The relationship is as shown

Role #the model to save the role :name # the role name :has_many :users :has_and_belongs_to_many :permissions User :name # user name :email # user email :password # user password :belongs_to :role Permission #…

View original post 583 more words

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s