2

I'm a Rails noob and am hoping someone can help me wrap my head around this issue. I have an app that has a single User model using Authlogic for authentication and CanCan for authorization. There are three roles: Consumer, Business, and Admin. A user can have any number of these roles.

Businesses have additional attributes, however, and I need to model this such that I can add roles that each have potentially different attributes. Instinct tells me that I need to have a separate model to represent each role's attributes, i.e. BusinessRoleProfile, ConsumerRoleProfile, etc and then maybe mixin a module programmatically that adds the appropriate has_one reference(s) to the profile model(s).

Is this the best way to handle the separate attributes? If so, can someone guide me through how to dynamically include those mixins based on what role the user has?

MikeH
  • 796
  • 7
  • 18

1 Answers1

1

EDIT:

Did some more research, this may help you. https://github.com/thefrontiergroup/scoped_attr_accessible

Looks like you can do things like:

class User < ActiveRecord::Base

  # All attributes are accessible for the admin scope.
  attr_accessible :all, :scope => :admin

  # The default scope can only access a and b.
  attr_accessible :a, :b

  # Make both :c and :d accessible for owners and the default scope
  attr_accessible :c, :d, :scope => [:owner, :default]

  # Also, it works the same with attr_protected!
  attr_protected :n, :scope => :default

end

OLD ANSWER

Looks like it may be featured in CanCan 2.0.

https://github.com/ryanb/cancan/issues/326

Community
  • 1
  • 1
ardavis
  • 9,842
  • 12
  • 58
  • 112
  • The roles have real attributes that will be stored in the database, i.e. a user with a Business Role will have a business_name attribute that describes the name of their business. I don't want a user table full of attributes that are relevant to only subsets of the users. I don't think virtual attributes are the answer in this scenario. – MikeH May 29 '11 at 15:10
  • That feature is about controlling access bases on attributes in the model. I have the controlled access I want with CanCan, I'm simply asking for advice about how to model my users given that some roles have attributes that others do not have. – MikeH May 30 '11 at 02:24
  • Just found a plugin that may help you, see revised answer. If this doesn't help you, then hopefully someone will know the answer :) – ardavis May 30 '11 at 17:58