I am new to rails and have a design issue. Although I have a proposed
solution I am far from sure how robust it is. I would appreciate any
feedback.
My application is team based:
- A user can only be in one team
- Team members(user) cannot view/edit another team's content
Team A
-User
-Widget
--Part
Team B
-User
-Widget
--Part
I need to:
- identify the team from the user
- create members for a team
So everything is simple - just create a User model that belongs_to the
Team (has_many users). Except I need admin users to manage the teams. My
problem is how best to manage this?
I think I need a User model and a Member model. The user handles
authentication, a user without a member association is an admin and the
member belongs to the Team. Perhaps something like this:
Team
has_many :members
Member
belongs_to :team
has_one :user
attr :team_role
User
belongs_to: member
authenticates!
attr :admin_role
However, this doesn't seem correct because the User still belongs to
Team. I am sure that at least the relationship between user & member is
incorrect. Can you suggest a better (more conventional) solution?
Keep it simple, just have one user table with a flag to say whether it
is an admin user or not. This would also allow an admin user to be a
member of a team. You could look at the cancan gem which will handle
multiple roles but that is probably overkill for this case.
A question, can a user be in more than one team? If so then you will
need a different setup.
A user can only belong to one team. Admins will never belong to a team.
So, if I understand you correctly:
Team
has_many :users
User
belongs_to :team
attr :admin (bool)
I am concerned that an admin will have no team but the model
"belongs_to" a team. It just doesn't feel right. It will require many
"if" statements (in controllers?) which I understand (but could be
wrong) isn't very mvc/oo.
Could you not top post please? Insert your reply inline in previous
message, it makes it easier to follow the thread. Thanks.
Hello Colin
Thanks for your response.
A user can only belong to one team. Admins will never belong to a team.
OK, that is significant.
So, if I understand you correctly:
Team
has_many :users
User
belongs_to :team
attr :admin (bool)
I am concerned that an admin will have no team but the model
"belongs_to" a team. It just doesn't feel right. It will require many
"if" statements (in controllers?) which I understand (but could be
wrong) isn't very mvc/oo.
Some questions. I presume that admin users will login to the
application. Is that also true of members, or are they just data
within the app? Also do members and users have attributes in common
such as name, email etc? If members do login then what can they do?
Admin users log in to manage the Teams and Team Members
Team Members are real people who log in to view and manage data that
belongs to their Team. [Team data is private - it can only be viewed and
managed by team members. All teams will build data using the same
(deeply nested) models.]
The only attributes shared by Admin & Members are those required for
authorisation/authentication.
* AdminUsers only manage the Team & Member objects.
* Members build Team data by managing all objects under Team (Thing,
Widget, Part).
* Team data is private to Team Members.
You obviously missed my request to not top post, so that it is easier
to follow the thread.
Let me try to describe it clearly in one post:
* AdminUsers only manage the Team & Member objects.
* Members build Team data by managing all objects under Team (Thing,
Widget, Part).
* Team data is private to Team Members.
**********************************************
AdminUser
Team A
-MemberUser
-Thing
--Widget
---Part
Team B
-MemberUser
-Thing
--Widget
---Part
Since they both have to be authenticated then obviously there has to
be at least a common table for the authentication data.
Basically then you need to allow one sort of user to access certain
controllers and methods and another sort of user to access a different
set of controller methods. You can put this in the before filter
where you do the authentication check. As well as checking that a
user is logged in, check that it is the right sort of user. Probably
the only place you need to check is in the before filters.
I think that is the way I would do it. By mentioning the
before_filters I was pointing out there should be very few places
where you should have to test.
I mentioned the cancan gem earlier, I suggest you also have a look at
that, it may be a bit of overkill but it is still worth looking at to
see what it can do for you.