San Francisco

Teacher

Attendance

3 students were there

January 16, 2014

Role-Based Access Control With CanCan

In this class, we'll build a rails app that has multiple user types, and define their abilities via CanCan.

Getting permissions correct for web applications can be a daunting task. Take for example a university application, where Students can see content created by themselves or other students in their group, Teachers can see any content created in any of their classes, and Administrators can see any content on the system.

If we were to hardcode these rules everywhere we needed them, the permissions checking would quickly get out of hand, and it would be hard to reason about the security of the system.

CanCan solves this problem in an elegant way, giving us a single file where we can list all the permissions and roles.



2:30pm Pacific - 4:30pm Pacific on January 16, 2014 at Coshx Labs
3 students were there

Whiteboard

Please, sign in to see the Whiteboard