Rails Authentication with CanCan

Time is money, especially in business, and the importance of time can never be stressed enough. It is natural for business people to favour things that save them time, and this is the biggest reason behind the huge popularity of Ruby on Rails. As one of the most productive ways to build web applications, Rails continues to be in high demand. What makes Ruby on Rails even better is the list of gems that come with it: Ruby gems are categorised packages of reusable code that help developers build applications even faster. CanCan is one such gem, an authorization library that restricts which resources specific users are allowed to access. With permissions defined in a single location (the Ability class), CanCan checks whether a user has permission to perform an action on a resource. It also ensures that those checks are not duplicated across controllers, views, and database queries.

Integrating CanCan and Defining Abilities

> Add gem 'cancan' to your Gemfile.

And run

```shell
bundle install
```

to install the gem.

Creating Abilities

> Now generate the ability.rb file, in which we specify the permissions for all users.

```shell
rails g cancan:ability
```

> Open the generated .rb file and define the abilities:

```ruby
class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new            # guest user (not logged in)

    can :manage, Article         # every action on articles
    cannot :manage, Comment      # no action on comments
    can :read, Tag, released: true   # only tags whose released attribute is true
  end
end
```

Checking Abilities

The can? and cannot? methods are used to check a user's permissions: can? checks whether the user is allowed to perform an action on a resource, and cannot? works the other way round. They can be used in a controller or a view.

Ex: (For can?)

```erb
<%= link_to "New User", new_user_path if can? :create, User %>
```

Ex: (For cannot?)

```erb
<% if cannot? :destroy, @user %>
  <span class="permission-message">You aren't allowed to delete this user.</span>
<% end %>
```
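To show how the rules defined in the Ability class above are resolved by can? and cannot?, here is an added example (not from the original post or the CanCan gem) with a minimal stand-in for CanCan::Ability; the model structs and the owner-scoped rule `can :manage, Article, user_id: user.id` are assumptions added for illustration.

```ruby
# Minimal stand-in for CanCan::Ability (an assumption for this example, not the
# gem's code) keeping its core semantics: :manage covers every action, :read
# expands to :index/:show, hash conditions are attribute checks on an instance,
# and the LAST matching rule wins; with no matching rule, access is denied.
module MiniAbility
  ALIASES = { read: %i[index show], create: %i[new create], update: %i[edit update] }.freeze
  def can(action, subject, conditions = {})
    rules << [true, action, subject, conditions]
  end
  def cannot(action, subject, conditions = {})
    rules << [false, action, subject, conditions]
  end
  def can?(action, subject)
    rule = rules.reverse.find { |r| matches?(r, action, subject) }
    rule ? rule[0] : false
  end
  private
  def rules
    @rules ||= []
  end
  def matches?((_, act, subj, conds), action, subject)
    actions = act == :manage ? nil : (ALIASES[act] || [act])
    return false unless actions.nil? || actions.include?(action)
    klass = subject.is_a?(Class) ? subject : subject.class
    return false unless subj == :all || subj == klass
    # A class-level check such as can?(:create, Article) ignores conditions.
    subject.is_a?(Class) || conds.all? { |k, v| subject.public_send(k) == v }
  end
end

# Constructed stand-ins for the post's models.
User    = Struct.new(:id)
Article = Struct.new(:user_id)
Comment = Struct.new(:user_id)
Tag     = Struct.new(:released)

class Ability
  include MiniAbility

  def initialize(user)
    user ||= User.new(nil)                  # guest, as in the post (id is nil)
    can :read, Article                      # everyone may index/show articles
    can :manage, Article, user_id: user.id  # assumed: authors manage their own
    cannot :manage, Comment
    can :read, Tag, released: true
    # Caveat: the guest's nil id means an Article with user_id nil would match
    # the owner rule; real apps guard ownership rules with user.persisted?.
  end
end
```

Ability.new(User.new(2)).can?(:update, Article.new(1)) is false while can?(:show, ...) on the same article is true, and Ability.new(nil).can?(:destroy, Article.new(nil)) is true, which is the nil-condition caveat in action.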

Load and Authorize Resource

load_and_authorize_resource is used to:

1. Load the model automatically

2. Authorize the requested action

Ex:

```ruby
class UsersController < ApplicationController
  load_and_authorize_resource   # loads @user / @users and checks the ability for each action
end
```

Handling Authorization Failure

When load_and_authorize_resource is used and authorization fails, a CanCan::AccessDenied exception is raised; catch it with rescue_from and pass the error message on as an alert.

Ex:

```ruby
class ApplicationController < ActionController::Base
  rescue_from CanCan::AccessDenied do |exception|
    redirect_to root_url, alert: exception.message
  end
end
```

Well, now you know about CanCan, what it does and how to configure it. Go paint the town red!

When it comes to building apps, Ruby on Rails is great because of its faster go-to-marketability. If you are on the lookout for an app development company, RailsCarma is a great choice. RailsCarma has been implementing Ruby on Rails from its nascent stages for development, training, deploying and contributing back to the Rails community, and provides the best Ruby on Rails development services. RailsCarma provides end-to-end Ruby on Rails services, including consulting, architecture, building, management and extension, to companies around the globe. You can also hire Ruby on Rails developers with an easy hiring process. Contact us to know more.
