I’m looking to set up simple role based access on my rails app without

Question

0

Asked: June 18, 20262026-06-18T10:02:51+00:00 2026-06-18T10:02:51+00:00

I’m looking to set up simple role based access on my rails app without

0

I’m looking to set up simple role based access on my rails app without using a database, we use CAS to handle the authentication so can capture the username from the CAS variables.

My thought was to map usernames to specific roles in a hash (in application.rb, see below for an idea)) and then use that role to determine if the content is viewable.

ROLES = { 
        'admin' => [ 'username1', 'username2'],
        'standard_user' => ['username3']
        }

I’ve been advised to look at the CanCan gem but that seems to want to get the role information from a user model which I don’t want to setup, mainly because we intend to pass over role information as another CAS variable in the near future.

So I wondered if anyone has any idea if this plan is do-able and maybe point me in the direction of any code snippets that might help me

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-18T10:02:53+00:00

Even with this kind of setup, you should be able to use cancan. If you have a user model where you store the username and the ability is revolving around this model, try the following on ability.rb

# user.rb
ROLES = {
  admin: %w[username1 username2],
  standard_user: %w[username3]
}

# ability.rb
user ||= User.new # username is blank

if User::ROLES[:admin].include?(user.username)
  can :manage, :all

elsif User::ROLES[:standard_user].include?(user.username)
  cannot :manage, Invoices

else
  ...
end

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m looking to set up simple role based access on my rails app without

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply