Disabling features of rails application depending on roles/subscriptions
https://stackoverflow.com/questions/11724464
-
23-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
are there any good gems/plugins/extensions for rails to disable features selectively for users depending on their roles or package subscriptions they have?
For example, two packages (standard, premium) exist. The standard package allows the user to ask up to 20 questions per month within the application, the premium package allows the user to ask 50 questions per month. So the feature restriction doesn't include the package subscription only but the amount of already asked questions too.
Note: I am already using cancan for simple authorization tasks.
Thanks for your help
Solution
I would try and stay within cancan if possible.. You're probably using devise for authentication already? If so I would try and modift cancan. If the basic case if that a user is either a superuser (sysadmin) or a premium_user or a standard_user you can have roles for those three things.
If a user can register for more than one thing I would look to either create a membership / product registration class (user_id, package_id, membership_level_id) or add scopes/conditions/flags to user to see who can do what starting from the 'what' first and then crossing to qualified user.
OTHER TIPS
Take a look at Rolify. This is a good gem that integrates very well with CanCan for resource scoping and authorization.
Documentation tutorial on how to use the two of them together:
https://github.com/EppO/rolify/wiki/Tutorial
You can define inheritable roles with cancan. This would allow you to create your two roles, standard and premium, and have premium inherit all of the abilities of standard and the define your own.
https://github.com/ryanb/cancan/wiki/Role-Based-Authorization
