Authorization and Role-Based Access Controls

Explore how to design and manage authorization in Rails applications by mapping user roles to job titles and departments. Learn to use CanCanCan for access control, ensuring auditability and clear permission structures.

We'll cover the following...

Map resources and actions to job titles and departments

In most organizations, the authentication mechanism is driven by product and business concerns, and the decision around what method to use is typically easy to make. Authorization—the mapping of what users can perform what actions—is often much more complicated.

If we are building software to be used by employees of the company or a software-as-a-service product intended for knowledge workers, there will often be a myriad of features available, some of which control highly sensitive or potentially dangerous functions.

1.Prologue

2.Getting Started

3.The Rails Application Architecture

4.Start Our App Off Right

5.Business Logic

6.Routes and URLs

7.HTML Templates

8.Helpers

9.CSS

10.Minimize JavaScript

11.Carefully Manage the JavaScript We Need

12.Testing the View

13.Models I

14.The Database

Project

15.Business Logic Code is a Seam

16.Models II

17.End-to-End Testing

18.Controllers

19.Jobs

20.Other Boundary Classes

21.Authentication and Authorization beyond Rails

Project

22.API Endpoints

23.Sustainable Process and Workflows

24.Operations

25.Conclusion

26.Appendices

Authorization and Role-Based Access Controls