Home/ Questions/Q 6113395
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T14:51:14+00:00

I have those models User, Developer, App, Permission A User can have Default Permision

  • 0

I have those models

User, Developer, App, Permission
  1. A User can have Default Permision
  2. A User can have Permission for Different Application
  3. A user can install Multiple Applications
  4. A User can also be a Developer of an Application
  5. A Developer is still a User and can have all user’s privillage (Install applcation, default permission, permissions for each application)

Until now I have:

user.rb

class User < ActiveRecord::Base
  has_many :apps
end

app.rb

class App < ActiveRecord::Base
  has_many :permissions, :through => :app_permissions
end

permission.rb

class Permission < ActiveRecord::Base
  belongs_to :app
end

app_permission.rb

class AppPermission < ActiveRecord::Base
end

Questions

  1. How to distinguish users? (Regular, Developer) Is it better to use CanCan or Rails STI or Simple Roles Class? Please justify why is better to use any of those three solutions or something else.
  2. Is it better to create a Default_Permission model to separate application permissions from default permission?

EDIT:

If I miss any information please ask. I would like to see some different solutions and how each solution works. Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I would recommend the following:

    Developer is a User object. Distinguish developers from users with a is_developer boolean in your schema. This will make it easier going forward to keep Users / Developers integrated (without switch statements). You can add a named scope to find developers specfically:

    class User < ActiveRecord::Base
  named_scope :regular_users, :conditions => { :is_developer => false }
  named_scope :developers, :conditios => { :is_developer => true }
  #you can then call User.regular_users or User.developers
end

    Alternatively, you could have User / Developer work as polymorphic associations. E.g.

    class Role < ActiveRecord::Base
  belongs_to :entity, :polymorphic => true #with entity_id / entity_type in your schema
end

    The downside to this approach is it will make your code more complicated for little or zero semantic gain.

    I don’t truly understand what you mean by default permission, but it seems to be a logic issue as opposed to a database. Does everyone have the default permission? Then you can add it on *after_create*, or when writing your logic, assume it’s true (or controlled by a boolean flag). The following code will create a permission for each user that is default true after they are created (for existing users, you can add the permissions by hand / rake task).

    class User < ActiveRecord::Base
  after_create :add_default_permission

  def add_default_permission
    Permission.default_permissions.each do |permission|
      self.app_permissions.create(:permission_id => permission.id)
    end
  end
end

    As for default_permissions, I would suggest having an *is_default* boolean on the permissions table. This way, you can have multiple default permissions going forward (or remove default permissions later). As a default permission is a permissions, there’s no need to differentiate the object models. I.e.

    class Permission < ActiveRecord::Base
  named_scope :default_permissions, :conditions => { :is_default => true }
end

    Finally, make sure to fully spell out all of your ActiveRecord associations, i.e.

    class User < ActiveRecord::Base
  has_many :apps
  has_many :permissions, :through => :app_permissions, :as => :permissible #edited
end

class App < ActiveRecord::Base
  belongs_to :app_permission
  has_many :permissions, :through => :app_permissions, :as => :permissible #edited
end

class Permission < ActiveRecord::Base
  belongs_to :app_permissions
  belongs_to :permissible, :through => :app_permissions, :polymorphic => true #edited
end

class AppPermission < ActiveRecord::Base
  belongs_to :permissible, :polymorphic => true #edited
  belongs_to :app
end

    When a user installs an app: EDITED BELOW FOR POLYMORPHISM

    Class User < ActiveRecord::Base
  def get_required_app(app)
    required_permissions = []
    app.permissions.each do |p|
      if self.permissions.find(:first, conditions => { :permission_id => p.id } ).nil?
        required_permissions.push p
      end
    end
    required_permissions
  end

  def install_app(app)
    req = required_permissions app
    return req if req.count > 0
    #add user app
  end
end

    Hope this helps you work through your problem and let me know if you need any additional information.

    • 0