문제

When it comes to Authorization/Authentication devise + cancan are usually my gems of choice. After the release of Rails4's strong parameters I've been looking into using the cancan_strong_parameters gem.

I can't shake the feeling that this approach seems a bit 'hacky'. The other options seems to be TheRole gem or simply rolling my own auth from scratch.

Was hoping anyone with first hand experience here could give a few pointers on how they tackled the problem, what problems the faced and where each approach fell short (if anywhere).

I know this isn't a clean cut StackOverflow typed question, but there doesn't seem to be much info regarding this subject when Googling. Thanks.

도움이 되었습니까?

해결책

Have you read the discussion in PR 763 "support for strong_parameters"?

In short, until cancan 2 comes out, some people are using Oliver Morgan's fork.

다른 팁

Check out the_role gem which works in Rails 4 and is a CanCan replacement

I'd go with Cancancan based on:

  • It's based on Cancan, the most widely used Authorization Rails library (until Rails 4)
  • It's Rails 4 compatible
  • It has more Commits, Contributors and Releases on Github than other Rails 4 authorization gems (The_Role, Pundit, etc.)
  • It's has more downloads on rubygems.org than The_Role even though it has fewer downloads than Pundit
라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top