Factories, Authentication, and Roles, oh my!

I'm pretty new to Rails, but I've had many years programming in Java. What I'm looking to find is the Rails way of implementing some clean way of controlling what the user sees based on the user's role.

The Rails Recipes book has a nice clean implementation of user roles and I've implemented that. What I want to avoid is stuff like

<% if user.admin? %>
  show admin stuff
<% else %>
  show normal user stuff
<% end %>

all over my code. I can think of a couple of ways to do it, but I feel like I'd be reinventing the wheel and someone certainly has cracked this nut and at least blogged it somewhere.

I've tried some Google searches, but it's a hard problem to define in few enough words to get good results.

Anyone know of any good references for this problem?

Well, the purpose of Helpers is to keep your views nice and DRY, so you could make some helpers with common code that comes up because of this, that takes a user.

Your helpers still end up looking like this, though, so it’s not super ideal, but you’ve at least pushed the ugly down as far as possible. I haven’t found a better solution than that.

You can use a gem called declarative_authorization to clean this up nicely. It's an implementation of RBAC (role based access control for non security types), which I’m pretty sure is what you need, … You can do:

<% if has_role?(:admin) %>
  Show admin stuff
<% end %>

-or-

<% if permitted_to?(:show, @stuff) %>
  Show admin stuff
<% end %>
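The pattern from the answer above, as a stand-alone sketch added here (not code from the thread or from the declarative_authorization gem): the template asks about a privilege, a single rule table decides, and the controller-side action repeats the check because a hidden link does not block a hand-typed request. `Authz`, `RULES`, `ViewContext`, `destroy_report` and the sample users are hypothetical names, and this `permitted_to?` is a local stand-in for the gem's helper.

```ruby
require "erb"

# Constructed rule table (hypothetical): role => { resource => privileges }.
module Authz
  RULES = {
    admin: { reports: %i[show edit destroy] },
    staff: { reports: %i[show edit] },
    guest: { reports: %i[show] }
  }.freeze

  class NotAuthorized < StandardError; end

  # Single decision point; anything not explicitly granted is denied.
  def self.allowed?(user, privilege, resource)
    return false if user.nil?
    user.roles.any? { |role| RULES.dig(role, resource)&.include?(privilege) }
  end
end

User = Struct.new(:name, :roles)

# The template asks about privileges; it never mentions a role name.
TEMPLATE = ERB.new(<<~HTML, trim_mode: "-")
  <h1>Report</h1>
  <% if permitted_to?(:edit, :reports) -%>
  <a href="/reports/1/edit">Edit</a>
  <% end -%>
  <% if permitted_to?(:destroy, :reports) -%>
  <a href="/reports/1/delete">Delete</a>
  <% end -%>
HTML

# Stand-in for the Rails view context that would expose the helper.
ViewContext = Struct.new(:user) do
  def permitted_to?(privilege, resource)
    Authz.allowed?(user, privilege, resource)
  end

  def render
    TEMPLATE.result(binding)
  end
end

# Controller-side check: a hidden link does not stop a hand-typed request.
def destroy_report(user)
  raise Authz::NotAuthorized unless Authz.allowed?(user, :destroy, :reports)
  :deleted
end
```

Adding a role or changing what it may do is then an edit to the rule table, not to every view that shows role-dependent content.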

Is there a way to combine those things with field-level security? I think I saw a plugin once, but didn't need it at that time. Thx