Jay Killeen

Joined

4,220 Experience
26 Lessons Completed
0 Questions Solved

Activity

Posted in User Authentication with Devise | GoRails

What video did you create the navbar partial?

Posted in User Authentication with Devise | GoRails

If you are intending to use an authorisation gem such as cancancan or pundit then the the other videos use 'rails generate devise User role'. Save you a couple of clicks going back to see.

Posted in Authorization with Pundit Discussion

Pundit seems to look more like the rest of my app. I do like that in cancancan you can do the can? wrap which looks really sweet and you have the authorize resources in your controllers but once I get into abilities.rb things start to get messy.

Testing with Rspec seems to look quite similar for both after viewing an existing app I have inherited and looked at this article from Thunderbolt Labs http://thunderboltlabs.com/....

This article was also a good read to get the initial purpose for pundit http://www.elabs.se/blog/52....

Posted in Authorization With CanCanCan Discussion

That was really good thank you. I'll take a look at the Pundit one. I am interested in understanding more around the Permission model and storing the abilities in a database. I think at this stage I will build it out in abilities.rb but concerned it may be difficult to migrate to a Permission model later down the track.

Doesn't that get a bit dangerous if the user forwards their email to someone else? We had a scenario where a HR Manager was forwarding an email to people in their team, which then got emailed to people in the business. Before you know it people are logging in as HR Manager and could potentially see salary information etc.

OR

Is this why we expire tokens for the one's sent out on emails etc?

logo Created with Sketch.

Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more. Icons by Icons8

© 2022 GoRails, LLC. All rights reserved.