Authorization With CanCanCan Discussion
Rob Sobers
Curious why CanCan and not an actively maintained project like Pundit?
I'm covering Pundit next, but CanCan is by far the leader with 4 million downloads. CanCanCan is the community maintained version of cancan so it is still always up-to-date. I'm going to do a few authorization approaches in a row so we can compare them side by side and you can determine which works the best for you.
Great watch, can't wait for the Pundit video. I've used CanCan before, Pundit looks equally as interesting. Really liking the deeper delve into the other things you can do once your authorization is going
I have error: When i open Rails C and write this: ActiveRecord::UnknownAttributeError: unknown attribute: role
That was really good thank you. I'll take a look at the Pundit one. I am interested in understanding more around the Permission model and storing the abilities in a database. I think at this stage I will build it out in abilities.rb but concerned it may be difficult to migrate to a Permission model later down the track.
Check out rolify for database backed permissions. It is pretty flexible and shouldn't cause much if any downtime if you migrate from static permissions to database ones. You'd simply create the role records in the db before deploying the rolify backed cancan config so that there was no trouble.
Josh Zandman
Hi Chris, I'm getting "ActiveModel::UnknownAttributeError: unknown attribute 'role' for User" error when trying to create an admin user in Console.
Maybe you didn't add a role string field to your model? That's usually the case when you run into that error.
W. Ama
Hi! I have a question.
I am using devise and have implemented it to the login of the user (user table in the schema), and I have created different parameters for that user.
Now the problem is that I want to create a different kind of user (an example would be like buyer, seller etc), so I will have 3 different types.
Would I have to delete the parameters from the user migration and add the different models that would (<) inherit from the User model?
Or is there a better way of doing that?
Since I am using devise, I am planning to have 2 or 3 different login pages depending on who the user type is...
What are your thoughts on this and what are the recommended ways of doing this?
Thank you.
I want to add that I am trying not to use the cancan gem and just implement it all manually as I want to keep control over my data that way.
Thank you.