https://stackoverflow.com/questions/17630749
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianHave you read the discussion in PR 763 "support for strong_parameters"?
In short, until cancan 2 comes out, some people are using Oliver Morgan's fork.
Rails4 authorization strategies
-
03-06-2022 - |
Question
When it comes to Authorization/Authentication devise + cancan are usually my gems of choice. After the release of Rails4's strong parameters I've been looking into using the cancan_strong_parameters gem.
I can't shake the feeling that this approach seems a bit 'hacky'. The other options seems to be TheRole gem or simply rolling my own auth from scratch.
Was hoping anyone with first hand experience here could give a few pointers on how they tackled the problem, what problems the faced and where each approach fell short (if anywhere).
I know this isn't a clean cut StackOverflow typed question, but there doesn't seem to be much info regarding this subject when Googling. Thanks.
Solution
OTHER TIPS
Check out the_role gem which works in Rails 4 and is a CanCan replacement
I'd go with Cancancan based on:
- It's based on Cancan, the most widely used Authorization Rails library (until Rails 4)
- It's Rails 4 compatible
- It has more Commits, Contributors and Releases on Github than other Rails 4 authorization gems (The_Role, Pundit, etc.)
- It's has more downloads on rubygems.org than The_Role even though it has fewer downloads than Pundit
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
