Declarative Authorization is one more choice. For authentication, you would need user object in Crontroller#current_user and should user model need to respond to role_symbols. you can find more details on here<https://github.com/stffn/declarative_authorization>
Thanks, Harun On Sat, Oct 15, 2011 at 5:58 PM, Dheeraj Kumar <[email protected]>wrote: > I personally use Devise + CanTango (a roles layer on top of CanCan, an > authorization provider) and it's really really easy to set it up and get > going. You should really try the combo out. > > On Sun, Oct 16, 2011 at 2:22 AM, Brandon Black <[email protected]>wrote: > >> For some reason everyone seems to always go for right Devise (like a >> moth to a flame). Nothing wrong with that, but I've always found >> OmniAuth to be far more superior: https://github.com/intridea/omniauth >> >> Depending on who your provider is and what they're using for >> authentication/authorization, it's quite easy to accomplish both >> simultaneously in one flow. Google uses a hybrid OpenID approach >> mixing in oauth authentication as part of the login flow and Facebook >> does the same with connect. >> >> OmniAuth is easy to use and well supported by the talented crew over >> at Intridea. I've used it personally many times for Google, Facebook, >> Twitter, and Vimeo, but it supports many more providers. If the >> provider you're looking for isn't there, it's quite easy to add an >> extension for them. >> >> On Oct 14, 9:03 am, Norbert Melzer <[email protected]> wrote: >> > Hi All! >> > >> > I am searching for a gem that handles authentication and authorization >> > at the same time for me. >> > >> > I tried several combinations of different authentication and >> > authorization gems, but even if the combinations worked, I dont get >> > comfortable with them. I dislike the fact to configure so many things >> > in so many places... >> > >> > Therefore I am searching for a gem that handles both for me and is >> > easy to configure. >> > >> > It should work with rails 3.1 and have configurable roles. +1 if I can >> > add own roles. +2 if I can assign the roles per object and dont have >> > to assign them system wide... >> > >> > To clarify the +2: >> > Lets say I have a forum and a blog with the same user base. I have the >> > admin role in both places and may do everything everywhere. >> > A normal user without special rights is allowed to read and comment in >> > the blog and to write in the forum. >> > The user "klaus" is an author for blogposts but has no special rights >> > in the forum, so there he is a normal user. >> > On the other Hand there is "alfred" who is allowed to moderate the >> > forum but not allowed to do anything more than comments and reading in >> > the blog. >> > There could be a third user that is allowed to write articles in the >> > blog and moderate the forum... >> > With the authorization gems I found and tried so far I had to define >> > systemwide roles that had to implement different behaviour for the >> > subsystems, so I had the following roles in this simple scenario: >> > owner -> Overall side admin >> > blog_author_and_forum_mod -> Is allowed to use full blog and moderate >> > in the forum >> > only_blog_author -> Is allowed to use the blog but is a simple user in >> the forum >> > only_forum_mod -> Is allowed to moderate the forum, but is not allowed >> > to create his own blogsposts >> > user -> standarduser as described above >> > guest -> Read-Only, is not allowed to comment or write in the forum. >> > >> > If there are other subsystems added or hidden forums this will get >> > much more complicated... >> > >> > TIA >> > Norbert >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ruby on Rails: Talk" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/rubyonrails-talk?hl=en. >> >> > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > -- Thanks, Harun -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
