On Thu, Feb 23, 2017, 9:36 AM Frederick Cheung <[email protected]> wrote:
> > > On Wednesday, February 22, 2017 at 6:19:18 PM UTC, Mike wrote: > > If you have a robust permissions system, you can also hide or show fields > based on those permissions > > In short I would never use an 'admin' model there is simply no point for > 99% of applications > > > I've had a different experience - in one of the apps I work on I regret > that users and admins are differentiated only by role. users have > attributes that admin's don't need for admin tasks, but validations there > mean that admins need to go though that signup process, rather than just > email address & password. There are some attributes that only admins need > so you end up with columns that are null for 1 million record and set for 5 > of them. In general I'd quite like the admin components and consumer > facing components to be separate web applications & the shared user > accounts are one of the things binding them at the moment. > > I can see that it's probably not a common case though. > > Fred > Fred, it is an important point, though. App needs vary, types of user models might vary, and you can have this sort of bifurcated user / admin concept and *still* need them to have roles. Even with this, you could have an account model, with roles of user and admin, maybe other levels, and split theextra info needed for users into a separate model, too. App needs vary, user needs vary, it's important to examine it well enough not to paint yourself into a corner in case what you thought you knew changes. > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAHUC_t-Jw-XpRCAr8mVrFQ8sFwyQq6qqMQ4Cjedm_7%2BCZN%3DbYQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
