Geek Answers Handbook

Multiple user roles in Ruby on Rails

I am creating an inventory management application with four different types of users: admin, employee, manufacturer, transporter. I haven't started coding yet, but this is what I think about. Manufacturers and carriers are associated with has_many: through a many-to-many relationship with products as follows:

class Manufacturer < ActiveRecord::Base has_many :products has_many :transporters, :through => :products end class Product < ActiveRecord::Base belongs_to :manufacturer belongs_to :transporter end class Transporter < ActiveRecord::Base has_many :products has_many :manufacturers, :through => :products end

All four user types can be logged in, but they will have different permissions and views, etc. I don’t think that I can put them in the same table (Users), since they will have different requirements, i.e. suppliers and manufacturers must have a billing address and contact information (through verification), but administrators and employees should not have these fields.

If possible, I would like to have one login screen, and not 4 different screens.

I am not asking for the exact code to build this, but I am having trouble deciding the best way to do this. Any ideas would be greatly appreciated - thanks!

+8
authentication ruby ruby-on-rails roles
source share
3 answers

Your basic approach seems reasonable. I would advise you to create a user base class and use STI for certain types of users, for example:

 class User < ActiveRecord::Base end class Manufacturer < User has_many :products has_many :transporters, :through => :products end

... etc .. Thus, if it is ever necessary to combine several types of users into one relationship regardless of type, you have one table for describing users as a whole. This is a fairly common approach.

Depending on how many users will have access to the system, you can look at the role management graph, for example, declarative authorization .

+5
source share

For multiple user systems, the preference is usually given to using a role model or an STI. If your users can have several roles at the same time, for example, one user who is a producer and a transporter, then the basic Role system will be a good solution. If the user role is fixed, then I think you should go with STI.

+4
source share

I suggest you create a user model, address model, ContactInfo model, etc. You should not have such fields in the User model. Normalize the database. Have an FK in each of these classes for User.id.

If you MUST save them separately, then normalize logins and make them polymorphic to refer to their owner (manufacturer, employee, etc.)

+1
source share

Source: https://habr.com/ru/post/650512/

More articles:


All Articles