Using groups
2 views
Skip to first unread message
korebantic
Feb 20, 2009, 5:24:08 PM2/20/09
to Rails Authorization Plugin
The authorization plugin provides a powerful way to handle access
based on roles. However, when we think about more advanced
authorization scenarios, many systems need the concept of groups as
well. In those cases roles should be assignable to groups, and the
determination of whether a user has a given role would come from group
membership.
Having poked around the code base it looks like there would be quite a
bit of rework to allow group based roles. But maybe I'm wrong and it
wouldn't be so bad?
If it's not to onerous, would the developers be interested in
discussing this with me and seeing if this makes sense, going over the
implementation details, and then I could contribute that back to the
code base?
Otherwise we'll end up having to roll our own solution, but we'd
rather give back to the community something...
based on roles. However, when we think about more advanced
authorization scenarios, many systems need the concept of groups as
well. In those cases roles should be assignable to groups, and the
determination of whether a user has a given role would come from group
membership.
Having poked around the code base it looks like there would be quite a
bit of rework to allow group based roles. But maybe I'm wrong and it
wouldn't be so bad?
If it's not to onerous, would the developers be interested in
discussing this with me and seeing if this makes sense, going over the
implementation details, and then I could contribute that back to the
code base?
Otherwise we'll end up having to roll our own solution, but we'd
rather give back to the community something...
Tim
Apr 7, 2009, 5:00:44 PM4/7/09
to Rails Authorization Plugin
Can you give an example of what you were trying to accomplish?
It seems that you can already group users (a role can be considered a
group)
and permit the users based on whether the user has_role("group_name").
It seems that you can already group users (a role can be considered a
group)
and permit the users based on whether the user has_role("group_name").
Reply all
Reply to author
Forward
0 new messages