I've got Devise working, but I see CanCan frequently mentioned in tutorials alongside Devise; is it meant to be complementary or is CanCan an alternative to Devise?
CanCan covers authorization - who is allowed to do what. Devise handles authentication - Are you truly you? That's how they complement each other. You can use one without the other.
See for example http://techoctave.com/c7/posts/34-authentication-vs-authorization.
Devise handles authentication (logging in and out, handling sessions, etc.) but it does not handle authorization (allowing access to views or actions).
If you have a non-trivial application, then you will need authorization and probably roles.
CanCan is a very simple authorization Gem, which can work nicely if you have very few roles, and very simple authorization rules. http://railscasts.com/episodes/192-authorization-with-cancan
If you have a lot of roles, or more complex authorization rules, then I would recommend declarative_authorization http://railscasts.com/episodes/188-declarative-authorization
Both work very well with Devise, and either Rails 2 or Rails 3.
For implementing roles you have two choices: having a roles table and a join table between roles and users in your database; or using the role_model plugin http://railscasts.com/episodes/189-embedded-association. You'll also have the choice of whether a user can only have one role, or many roles.
Hope this helps.
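The split described in the answers above, as an added plain-Ruby example that is not from the original posts and does not use the Devise, CanCan or role_model APIs: a user carries several roles in one integer bitmask (one way to embed roles in the users row, assumed here), and a separate ability object decides what that user may do. `ROLES`, `User`, `Post` and `Ability` are hypothetical names.

```ruby
# Added illustration in plain Ruby; not Devise, CanCan or role_model code.
# ROLES, User, Post and Ability are hypothetical names.
ROLES = %i[admin moderator author].freeze # append only: index = bit position

class User
  attr_reader :id, :roles_mask

  def initialize(id, roles = [])
    @id = id
    self.roles = roles
  end

  # Many roles in one integer column instead of a roles table plus join table.
  def roles=(names)
    names = names.map(&:to_sym)
    unknown = names - ROLES
    raise ArgumentError, "unknown role: #{unknown.first}" unless unknown.empty?
    @roles_mask = names.inject(0) { |mask, r| mask | (1 << ROLES.index(r)) }
  end

  def roles
    ROLES.select { |r| (@roles_mask & (1 << ROLES.index(r))) != 0 }
  end

  def role?(name)
    roles.include?(name.to_sym)
  end
end

Post = Struct.new(:author_id)

# Authorization: runs after authentication has produced a user (or nil).
class Ability
  def initialize(user)
    @user = user
  end

  def can?(action, post)
    return action == :read if @user.nil? # anonymous visitors may only read
    return true if @user.role?(:admin)
    case action
    when :read then true
    when :update
      @user.role?(:moderator) || (@user.role?(:author) && post.author_id == @user.id)
    when :destroy then @user.role?(:moderator)
    else false # default deny for anything not listed
    end
  end
end
```

Rejecting unknown role names in the setter matters when roles arrive from form parameters, and the `else false` branch keeps any action not listed denied by default.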