This morning I decided to add roles to CatchTheBest to start adding a few simple permissions to the application. Sometimes people's eyes glaze over when they hear role-based access control, but it really doesn't have to be complicated. There are some plugins out there that are more or less plug and play for implementing RBAC, but here's a quick and simple example you can use in your project to easily add user roles.
First, the migration:
class CreateRoles < ActiveRecord::Migration
def self.up
create_table :roles do |t|
t.column :name, :string
end
create_table :user_roles do |t|
t.column :user_id, :integer
t.column :role_id, :integer
t.column :created_at, :datetime
end
add_index :roles, :name
Role.create(:name => 'Admin')
end
def self.down
drop_table :roles
drop_table :user_roles
end
end
This adds the roles and user_roles tables and creates the first role (Admin). I have added an index to the name field of the roles table because we'll be querying on that field quite a bit.
Here are the new models:
class Role < ActiveRecord::Base
end
class UserRole < ActiveRecord::Base
belongs_to :user
belongs_to :role
end
There's nothing terribly exciting there. :) Notice that I don't have any relationship declarations in Role, as I currently don't care about finding users by role — I only care about finding roles by user.
Here are the changes to the User model:
class User < ActiveRecord::Base
has_many :user_roles
has_many :roles, :through => :user_roles
def has_role?(role)
self.roles.count(:conditions => ['name = ?', role]) > 0
end
def add_role(role)
return if self.has_role?(role)
self.roles < < Role.find_by_name(role)
end
end
And that's it. Easy, eh?
Comments