Can someone provide me a sample data for the role and roles_user table? I dont understand the authorizable id and authorizable type

Thanks

initially, the tables are indeed empty. I have created an insert into the table in my migration. It looks something like this:

def self.up
create_table :roles_users, :id => false do |t|
t.integer :user_id, :role_id
t.timestamps # creates updated_at and created_at
end

create_table :roles do |t|
t.string :name, :authorizable_type, :limit => 40
t.integer :authorizable_id
t.timestamps
end

# insert a siteadmin user for admins with role site_admin
siteadmin = User.new({:nick => ‘siteadmin’,
:email => ‘admin@example.com’,
:password => ‘example’,
:firstname => “Site”,
:lastname => “admin”})
siteadmin.has_role ‘site_admin’
end

Hope this helps.

ups, I just noticed I never replied to your post.

# how do you restrict a teacher to his or her school only?
This should work:
teacher.has_role

DJ

Thanks for your efforts to throw more clarity on the use of this plugin. I am still trying to wrap my mind around this. For my application I am particulary interested in authorisation for specific model objects and would appreciate your advice on how to go about it.
To start off with I have the following scenario:

School Model:
has_many : teaching_posts #teachers employed

TeachingPost model: #users with ‘teacher’ and/or ‘school_admin’ role
has_many: registration_classes # a teacher responsible for a specific classroom of students
belongs_to :school, :user
# how do you restrict a teacher to his or her school only?
# how do you allow a ‘school_admin’ for school A only?

RegistrationClass Model #attributes name, teaching_post_id, start_date, end_date
has_many :student_admissions
belongs_to : teaching_post
# how do you restrict a teacher to his or her own class only etc. ?

StudentAdmission model: #users with ‘student’ role
belongs_to :user, :registration_class

A user may have one or more of the following roles
admin #super admin
‘school_admin’ #admin for a specific school only
‘teacher’ # for a specific school only
‘student’ # for a specific school only

I hope you can see where I am going with this. I would appreciate any help.
Thanks

I think this plugin, great as it is, is indeed overkill for your situation. If you use restful_authentication plugin to generate your auth system, all you’ll have to do is add an :auth attribute to the user model and a few lines of code to the generated lib/authenticated_system.rb to end up with:

.admin?, .super? .clerk? methods on user model (to be used anywhere needed)

admin_required, super_required, clerk_required methods (to be used in before_filters)

c.

private
def get_role
[.......] include => :roles_user
end

* entire application (no class or object specified)
* model class
* an instance of a model (i.e., a model object)

So, yes, you can give users specific roles application-wide – just leave away the model name in most of the above commands and you will be set. In your controllers, you can then use the permit command to get your methods. See http://www.billkatz.com/authorization for more information on how to use the permit command.

Whether this is overkill, I cannot tell you. It’s more of a question whether you’d like to use and trust other people’s plugin code or prefer to write your own. IMO, in the long run, if you choose a supported plugin, it will be worth the time spent on it.

Based on the user’s role, I will allow or deny access to creation, deletion, edit, etc. I have no need to place permissions on objects, rather, I need to allow/disallow access to specific controller functionality. No more, no less.

Can this plugin easily handle that or is it overkill?

Thanks.

Thanks for pointing out that I didn’t really describe what I was doing. The “Account” is and example model that I used for describing how to make use of the users and their roles. In your application I’m sure you will want to use some other model to restrict user access based on roles. Accounts is my example.

Hope this helps.