This is more about theory than coding so I hope I have the right place.
I would very much appreciate some input as to the best approach on how
to offer different options in my app depending on configuration criteria
and current user.
Some examples of what I want to do I guess would be a help.
Firstly I have an administration control panel that administrators can
log into and do the usual stuff that admins do
The site may have different configration switches that determine what
options are available in the administration panel.
For example the site may be configured to have blogs enabled.
Obviously if blogs are not enabled then there should be no
administration options to maintain blogs other than to enable them.
I though I might use a site_configuration table to determine what site
"add on's" are available and what are enabled.
A user can have different levels of access.
Some user roles will not have access to the administration panel at all.
For example users that are logged in as members i.e. users with a role
of member will not be able to log in as administrators but will be able
to view their own profile and will be able to access areas of the site
that non logged in users can't see.
I'm using a user_roles table to record a users role where a user can
have many roles therefore allowing for a user to be both an
administrator and a member.
That just about covers the requirement although there are more roles and
more functionality than mentioned.
So the question comes down to how best to achieve site configuration
options and also user access options.
Current thoughts are that I could provide the site configurations as
some kind of plug in or possibly a better solution might be to have
specific menu options that only visible according to the state of the
current user and the site configuration settings.
One concern I have is that I don't want to clutter up the views with too
much conditional logic for options that may never even exist for that
I have implemented my own authoridsation process based around AWDWR's
authentication solution but I was wondering if authlogic may be asble to
provide a better answer to the user role scenarios?
Hope that makes sense and any input as to best approach would be greatly
p.s. target language is Rails 2.3.23 but will be moving on to 2.3.4