I just played around with Pundit and it's awesome!! I love the default "lock everything down" out of the box. Thanks for the recommendation!
Ok, I'll give that a shot. Thanks! Also, would you recommend Cancancan or Pundit for authorization? (or something else)
No, I don't have a preference. I am just looking for the best way to structure it. I do think it would be less confusing and easier if people were able to have one account (Just a User model), and then I would use an auth gem to set roles for each user. Does that sounds like a good way to set it up? If so, what auth gem would you recommend?
Hey Chris, I actually have another question related to this one. In my app, I want users to be able to sign up and create their own promotional contests. However, I will also have users sign in to the app to enter the contests that other users create (I will be doing this through Facebook/Twitter OAuth). What would be the best way to structure this? Should I create a User and an Admin model in Devise? That way I'd have the User model for users who log in with facebook/twitter to enter a contest and the Admin model for users who actually create the contests. I guess I would then use Pundit or another auth gem to have different levels of Admin users (I would be the ultimate admin and other users would only be allowed to edit their own contests). Does this sound reasonable? I don't have much experience with this so I'm not sure the best way to build the functionality. Let me know how you'd structure this! Thanks!
That's good to know. I guess I will spend my time learning the ins and outs of Devise instead of rolling my own. Thanks for your help!!
I am building a contest/promotion app (see my other thread) and am now to the point at which I want to add users. I've used Devise in the past, and have also rolled my own auth system. I like the control of doing things myself, however, Devise saves a lot of time. Is Devise always a good choice? Or are there situations in which it's not desirable? (If so, are there good alternatives?)
Oh I did not know that. Thanks, I'll check it out!
I hadn't heard of Cocoon before, I'll check it out! Thanks for laying out those models for me. I went and watched the railscast on nested and dynamic forms and things are seeming to be a little clearer.. I'll keep working on it.
Yes, I think a screencast on this would be awesome!!
Thanks for your help!
Haha I definitely understand the "oh boy" sentiment. I've never had to make anything this complex in Rails before (and I doubt it's even relatively complex) and it's totally tripping me up. I don't really know a lot about embedding other model's data into forms so it sounds like I have my work cut out for me. I'm not sure we will be doing different answers to questions. I was thinking that we'd start with simple yes or no type questions and just rock booleans (I will probably need to allow other types of questions in the future though). I think I understand what you are saying though... So I will have 4 models: Contest, Entry, Question, and Answer. When I create the Contest, I will also create Questions for that Contest (Question belongs to Contest) (Ugh.. I guess I'll also have to have a dynamic form when creating a contest). The Entry has many Answers records which belong to a Question. But the Question does not belong to the Entry right? It only belongs to the contest?
Dang, this app seems like it might be a real challenge for me to make. Hopefully I'll be able to figure it out. I'll check out that article and see if I can swing it.
I've got two models, Contest (has many entries) and Entry (belongs to contest). When I create a contest I want to be able to add some questions that would be dynamically added to the entry form... How would I data model this? Do I also add a Question model that belongs to both Contest and Entry? I'm not sure how to do this..
Posted in Authorization with Pundit Discussion
Great video! I've been searching for a good intro to authorization and this was perfect. Thanks!