StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
8906450
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2012-01-18T07:10:42.110
FavoriteCount
0
LastActivityDate
2014-03-20T08:27:27.247
LastEditDate
2014-03-20T08:27:27.247
LastEditorUserId
92096
OwnerUserId
92096
ParentId
8906237
PostTypeId
2
Score
4
ViewCount
0
LastEditorDisplayName
text
Body
As I know CanCan and declarative_authorization, and I implemented role-based authorizations with both, I recommend CanCan. Just my two cents. Example (untested, unfortunately I cannot test here and I have no access to my code) So let's say we have a structure like this: <pre><code>class User < ActiveRecord::Base belongs_to :role end class Role < ActiveRecord::Base has_many :users # attributes: project_read, project_create, project_update end </code></pre> Then, CanCan could look like this: <pre><code>class Ability include CanCan::Ability def initialize(user) @user = user @role = user.role # user can see a project if he has project_read => true in his role can :read, Project if role.project_read? # same, but with create can :create, Project if role.project_create? # can do everything with projects if he is an admin can :manage, Project if user.admin? end end </code></pre> You can find all information you need in the CanCan wiki on github. Personal recommendation to read: <ul> <li><a href="https://github.com/ryanb/cancan/wiki/Defining-Abilities" rel="nofollow">https://github.com/ryanb/cancan/wiki/Defining-Abilities</a></li> <li><a href="https://github.com/ryanb/cancan/wiki/Defining-Abilities-with-Blocks" rel="nofollow">https://github.com/ryanb/cancan/wiki/Defining-Abilities-with-Blocks</a></li> <li><a href="https://github.com/ryanb/cancan/wiki/Authorizing-Controller-Actions" rel="nofollow">https://github.com/ryanb/cancan/wiki/Authorizing-Controller-Actions</a></li> </ul> Basically you just need to extend the example above to include your roles through your relations. To keep it simple, you can also create additional helper methods in <code>ability.rb</code>. The main mean caveat you may fall for (at least I do): Make sure your user can do something with a model before you define what the user can't. Otherwise you'll sit there frustrated and think "but why? I never wrote the user can't.". Yeah. But you also never explicitly wrote that he can... 
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POAuthorization in Rails 3.1 : CanCan, CanTango, declarative_authorization?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USpduersteler
UserOwnerUserId
1. USpduersteler
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POAuthorization in Rails 3.1 : CanCan, CanTango, declarative_authorization?
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.