are admins also users?

[fugee ohu]

i want one of my tables to belong to either admins or users because i'm under the impression they can't belong to both
can someone clarify please

[Colin Law]

You need to give us more information about the tables and classes
involved and what you are trying to achieve.

Colin

[Mike]

I never really liked this functionality of devise,.

I normally make everyone a user, and the assign an 'admin' role in the same way as any other permission.

[tamouse pontiki]

On Wed, Feb 22, 2017 at 2:38 AM Mike <mike.s...@gmail.com> wrote:

I never really liked this functionality of devise,.

I normally make everyone a user, and the assign an 'admin' role in the same way as any other permission.

:thumbs-up: for this. Users (aka accounts) are users. Roles (aka privileges) are roles. Users have roles. Roles define access to resources and actions.

[fugee ohu]

I agree, so then what do we need admin model for in light of roles

[Colin Law]

On 22 February 2017 at 16:41, fugee ohu <fuge...@gmail.com> wrote:

I agree, so then what do we need admin model for in light of roles

You don't need admin model

 

On Monday, February 20, 2017 at 12:06:09 PM UTC-5, fugee ohu wrote:

i want one of my tables to belong to either admins or users because i'm under the impression they can't belong to both
can someone clarify please

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/c166e9bc-9a13-4bf9-a9db-651f6e5dd545%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[Mike]

If you have a robust permissions system, you can also hide or show fields based on those permissions

In short I would never use an 'admin' model there is simply no point for 99% of applications

[Frederick Cheung]

On Wednesday, February 22, 2017 at 6:19:18 PM UTC, Mike wrote:

If you have a robust permissions system, you can also hide or show fields based on those permissions

In short I would never use an 'admin' model there is simply no point for 99% of applications

I've had a different experience - in one of the apps I work on I regret that users and admins are differentiated only by role. users have attributes that admin's don't need for admin tasks, but validations there mean that admins need to go though that signup process, rather than just email address & password. There are some attributes that only admins need so you end up with columns that are null for 1 million record and set for 5 of them.  In general I'd quite like the admin components and consumer facing components to be separate web applications & the shared user accounts are one of the things binding them at the moment. 

I can see that it's probably not a common case though.

Fred 

[tamouse pontiki]

Apologies if this comes through twice, it seems to have gotten stuck on my phone.

Fred, it is an important point, though. App needs vary, types of user models vary, and can have this sort of bifurcated user/admin concept with separate models and *also* need permissions / roles, which could be different for the two types of user.

There are other ways to approach it as well, such as have an account model, which handles both user and admin users, and have other tables that deal with particular other fields and aspects of each user.

It's important to spend time to think through some of these, and not just land on one and always stick with it. You also don't want to paint yourself into a corner if (when?) you later find what you thought you knew changes.

Great points, Fred.

 

[tamouse pontiki]

Fred, it is an important point,  though. App needs vary, types of user models might vary, and you can have this sort of bifurcated user / admin concept and *still* need them to have roles.

Even with this, you could have an account model, with roles of user and admin, maybe other levels, and split theextra info needed for users into a separate model, too. 

App needs vary, user needs vary, it's important to examine it well enough not to paint yourself into a corner in case what you thought you knew changes.