What is the best way to work with user roles?

Samantha O asked in Rails

What is the best way to achieve this when people sign up? I have a user model and an account model. I want to have 3 roles in my application: administrator, store_owner and end_user.

A store owner can add a store.
The end_user sees all the stores that a store_owner has added.
The administrator sees everything :)

For now I have:

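class User < ApplicationRecord
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :validatable

  # `type` is Rails' default single-table-inheritance column, so an attribute
  # with this name needs `self.inheritance_column` changed or a different name.
  enum type: [:administrator, :store_owner, :end_user]
  enum gender: [:male, :female]
end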


class Account < ApplicationRecord
  enum status: [:active, :inactive, :expired, :locked]
  has_many :users

  before_create :set_api_key
  accepts_nested_attributes_for :users


  private
  def self.generate_api_key
    SecureRandom.hex(36)
  end

  def set_api_key
    self.api_key = Account.generate_api_key
  end
end

And in my signup view:

<%= form_for @account do |f| %>
  <%= f.fields_for :users do |user| %>
    <%= user.label :email %>
    <%= user.email_field :email, autofocus: true, autocomplete: "email", placeholder: "[email protected]" %>
    <%= user.label :password %>
    <% if @minimum_password_length %>
      <em>(<%= @minimum_password_length %> characters minimum)</em>
    <% end %>
    <%= user.password_field :password, autocomplete: "new-password", placeholder: "Password" %>
    <%= user.label :password_confirmation %><br />
    <%= user.password_field :password_confirmation, autocomplete: "new-password", placeholder: "Password" %>
  <% end %>
  <%= f.submit "Sign up" %>
<% end %>

In my accounts controller:

class AccountsController < ApplicationController
  def index
  end

  def new
    @account = Account.new
    @account.users.build
  end

  def create
    @account = Account.new(account_params)

    if @account.save
      sign_in @account.users.first, bypass: true
      redirect_to root_path
    else
      render :new
    end
  end

  def destroy
    @account = Account.find(params[:id])
    @account.destroy
    redirect_to root_path, notice: "Account deleted."
  end

  private

  def account_params
    params.require(:account).permit(users_attributes: [:email, :password, :password_confirmation])
  end
end

So the question is, how do I make separate signups for store_owner and end_user? An example of this would be something like Airbnb... There you can be a host (someone who rents out their home) or someone who rents a home from a host.
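
An added example, not part of the original post and not GoRails code: one way to keep the role out of the user's hands is to derive it from the signup route that was hit and to drop any role field the form submits, then check permissions per role. It is plain Ruby so it runs without Rails; the route keys (`store_owners`, `end_users`), the `role` attribute name, the action names and the `owner_id` ownership check are all assumptions.

```ruby
# Added example in plain Ruby (no Rails required). All names are hypothetical.
SIGNUP_ROLES = { "store_owners" => :store_owner, "end_users" => :end_user }.freeze
PERMITTED_USER_KEYS = %w[email password password_confirmation].freeze

# The role is derived from which signup route was hit, never from the form body.
# :administrator is deliberately absent, so it cannot be obtained by signing up.
def role_for_signup(kind)
  SIGNUP_ROLES.fetch(kind.to_s) do
    raise ArgumentError, "unknown signup kind: #{kind.inspect}"
  end
end

# Mimics strong parameters: keep only whitelisted keys, then set the role
# server-side so a submitted "role"/"type" field is ignored.
def build_user_attributes(kind, submitted)
  role = role_for_signup(kind)
  submitted.transform_keys(&:to_s)
           .select { |key, _| PERMITTED_USER_KEYS.include?(key) }
           .merge("role" => role)
end

# Permission check for the three roles in the question. Ownership of a store
# (owner_id) is an assumption added for the update/destroy case.
def can?(user, action, store = nil)
  case user[:role]
  when :administrator then true
  when :store_owner
    return true if %i[create_store view_stores].include?(action)
    %i[update_store destroy_store].include?(action) &&
      !store.nil? && store[:owner_id] == user[:id]
  when :end_user then action == :view_stores
  else false
  end
end

# Constructed sample input: a signup form tampered to request admin rights.
if __FILE__ == $PROGRAM_NAME
  tampered = { "email" => "owner@example.test", "password" => "s3cret-pass",
               "password_confirmation" => "s3cret-pass", "role" => "administrator" }
  p build_user_attributes("store_owners", tampered)
end
```

In a Rails app the same idea maps to two signup routes that each set the role in the controller, with the role attribute left out of `permit(...)`.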
