Ask A Question
Notifications
You’re not receiving notifications from this thread.
What is the best way to work with user roles?
What is the best way to achieve this when people sign up? I have a user model and an account model. I want to have 3 roles in my application. The administrator, store_owner and end_user.
A store owner can add a store.
The end_user sees all the stores that a store_owner has added.
The administrator sees everything :)
For now I have:
class User < ApplicationRecord
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable
enum type: [:administrator, :store_owner, :end_user]
enum gender: [:male, :female]
end
class Account < ApplicationRecord
enum status: [:active, :inactive, :expired, :locked]
has_many :users
before_create :set_api_key
accepts_nested_attributes_for :users
private
def self.generate_api_key
SecureRandom.hex(36)
end
def set_api_key
self.api_key = Account.generate_api_key
end
end
And in my signup view:
<%= form_for @account do |f| %>
<%= f.fields_for :users do |user| %>
<%= f.label :email %>
<%= user.email_field :email, autofocus: true, autocomplete: "email", placeholder: "name@address.com" %>
<%= f.label :password %>
<% if @minimum_password_length %>
<em>(<%= @minimum_password_length %> characters minimum)</em>
<% end %>
<%= user.password_field :password, autocomplete: "new-password", placeholder: "Password" %>
<%= f.label :password_confirmation %><br />
<%= user.password_field :password_confirmation, autocomplete: "new-password", placeholder: "Password" %>
<%= f.submit "Sign up" %>
In my accounts controller:
class AccountsController < ApplicationController
def index
end
def new
@account = Account.new
@account.users.build
end
def create
@account = Account.new(account_params)
if @account.save
sign_in @account.users.first, bypass: true
redirect_to root_path
else
render :new
end
end
def destroy
@account = Account.find(params[:id])
@account.destroy
redirect_to root_path, notice: "Account deleted."
end
private
def account_params
params.require(:account).permit(users_attributes: [:email, :password, :password_confirmation])
end
end
So the question is, how do I make separate signups for store_owner and end_user? An example of this would be something like airbnb...There you can be a host (someone who rents out their home, or someone who rents a home from a host).
