In my search for an authorization/access control list solution for my Ruby needs I came across Steffen Bartsch’s “Declarative Authorization” plugin (Github source here).
Short aside … the plugin allows for a very DRY approach to managing permissions from one configuration file, not to mention that it generates a visualization of your ACL, too. This is a huge benefit when building an app that has a number of different security roles. Additionally, it allows access control on the controller, model, query, and view levels. From the site:
Plugin features
- Authorization at controller action level
- Authorization helpers for Views
- Authorization at model level
- Authorize CRUD (Create, Read, Update, Delete) activities
- Query rewriting to automatically only fetch authorized records
I was ecstatic about using the plugin but got stumped when trying to work it out with my own HABTM association in my Rails app. The third requirement mentions, “User objects need to respond to a method :role_symbols that returns an array of role symbols”. My log kept displaying this error:
    The use of user.roles is deprecated. Please add a method role_symbols to your User model.
    Permission denied: User.roles doesn't return an Array of Symbols ([#])
    Filter chain halted as [:filter_access_filter] rendered_or_redirected.
In order to get things to work correctly with a User model, Roles model, and Roles_Users table for the “has_and_belongs_to_many” relationship, you need to make sure you have a method in your User model that “correctly” generates a “role_symbols” array:
Note: Make sure that you use the correct value of the field in your roles model when serializing. The example used “title” but in my application I used “name” for the column that defined the role.
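The following is an added example, not code from the post or from the declarative_authorization plugin: plain-Ruby stand-ins for the User and Role models (so it runs without Rails) with a `role_symbols` method that maps the HABTM roles to an Array of Symbols, plus a check mirroring the plugin's "Array of Symbols" requirement. It assumes the role column is called `name`, as in the note above.

```ruby
# Plain-Ruby stand-ins for the ActiveRecord models (constructed for this
# example so it runs without Rails). Role#name is assumed to be the column
# that holds the role; swap in :title if that is your column.
Role = Struct.new(:name)

class User
  attr_reader :roles # stands in for has_and_belongs_to_many :roles

  def initialize(roles = [])
    @roles = roles
  end

  # The method declarative_authorization calls on the current user. It must
  # return an Array of Symbols; handing back the Role records themselves is
  # what produces the "doesn't return an Array of Symbols" error.
  def role_symbols
    (roles || []).map { |role| role.name.to_sym }
  end
end

# Mirrors the plugin's sanity check: accept only an Array made up
# entirely of Symbols.
def array_of_symbols?(value)
  value.is_a?(Array) && value.all? { |v| v.is_a?(Symbol) }
end

# What an access filter boils down to: does the user hold at least one of
# the roles an action requires?
def permitted?(user, required_roles)
  (user.role_symbols & required_roles).any?
end

# Constructed sample users
EDITOR = User.new([Role.new("editor"), Role.new("author")])
NOBODY = User.new

if __FILE__ == $0
  puts EDITOR.role_symbols.inspect             # [:editor, :author]
  puts array_of_symbols?(EDITOR.roles)         # false: the deprecated user.roles
  puts array_of_symbols?(EDITOR.role_symbols)  # true
  puts permitted?(EDITOR, [:admin, :editor])   # true
  puts permitted?(NOBODY, [:admin])            # false
end
```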