One account several users with different privileges

My app needs to have an account with several users inputting tasks on
the same account. Only one of the users (the one that opened the
account) will have admin privileges.

I'm thinking on using Authlogic for authentication and CanCan for
determining user privileges. The point is that I'd like the User that
opened the Account to be admin by default being him the only one to be
able to create other Users for his account with a different privileges.

I'm working on something similar right now. I created a very simple
login/authentication method and now I'm dealing with users privileges
in the site.

In my case I have posts that belongs to companies so only users from
the post's company can view them. Also each user has roles (Admin) to
edit, remove, etc and (Some Role) to view exclusive posts.

I'm taking a look to both CanCan and Canable (http://github.com/
jnunemaker/canable)

I'll keep updating. Any preference on plugin or would it be better to
write some custom code?

Carlos Cabrera wrote:

I'm working on something similar right now. I created a very simple
login/authentication method and now I'm dealing with users privileges
in the site.

In my case I have posts that belongs to companies so only users from
the post's company can view them. Also each user has roles (Admin) to
edit, remove, etc and (Some Role) to view exclusive posts.

I'm taking a look to both CanCan and Canable (http://github.com/
jnunemaker/canable)

I'll keep updating. Any preference on plugin or would it be better to
write some custom code?

My idea is when you sign up for an account you should fill up the
account name (Company) and the first users data (First name, Last, etc)
Being this first user the only Admin user.
From there that Admin user will create new users capable of adding tasks
to that account (company).
How would you approach this?

We had a similar problem - we did it this way: set a global string
ADMINCODE = "somethingImpossibleToGuess" and include a text field for
this in the signup form. If the user can enter an admin code, then
they get to be admin.