Menu
I'm working on a RoR project and I'm a little confused about this new gem that was recommended for my purposes, Rolify. As I understand it, rolify does pretty much the same thing as CanCan except it persists abilities (roles for rolify) to the database. However, all over the Rolify wiki, I see instructions on using Rolify with CanCan.
So basically, I'm wondering what's the difference between Rolify and CanCan? When should I use the one and not the other?
594
TL;DR: Rolify is just for roles: grouping Users by Permission : access to a controller action. You have yet to decide how you are going to manage Permissions .
This gem adds the rolify method to your User class. You can also specify optional callbacks on the User class for when roles are added or removed: class User < ActiveRecord::Base rolify :before_add => :before_add_method def before_add_method(role) # do something before it gets added end end.
CanCan is used for managing authorization from the application standpoint is what lets you restrict X controller/action to X user.
When you want to dive into a deeper fine grained of control you use Rolify. Rolify, goes beyond the simple
if user.role == :super_admin
# do something pretty cool stuff
elsif user.role == :admin
# do some more awesome stuff
by allowing you to add roles to resources. Let's say you have a forum application, where you want an user to be able to have a moderator role on the Gaming Board. You would use rolify to by
user = User.find(2)
user.add_role :moderator, Forum.where(type: 'Gaming')
Rolify also let's you do this to a class by using the class itself instead of an instance (in case you want an user to be a moderator of all the boards)
user = User.find(2)
user.add_role :moderator, Forum
After that it lets you easily query the resources/class to find out who was access to what. On top of helping you manage the roles scope.
87
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
