We are evaluating authorization plugins for rails and I wanted to address the group for some feedback. The two we are looking at are: cancan by Ryan Bates and declarative_authorization. If anyone has used either of these and can give me some feedback on how they have worked out for you that would be great! We would be using one of these in conjunction with the restul_auth plugin btw. One monkey wrench our project throws in to the mix is that we have a multiple database per customer model so I''m aware we''ll need to make some changes to the plugin in order to make it fit. So if you have customized either of the plugins I would like how easy / difficult that was. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Sunday 02 May 2010, jmamma wrote:> The two we are looking at are: cancan by Ryan Bates and > declarative_authorization.I had the same candidates recently and decided to use CanCan. I think that they are very similar in spirit, declarative_authorization is far more elaborate and consequently more complex. CanCan is much simpler. As I don''t need more than CanCan provides, I went with it. If you need model-based security over and above resource/controller- based checks, than declarative_authorization is the way to go.> We would be > using one of these in conjunction with the restul_auth plugin btw.Have you had a look at authlogic for comparison? Michael -- Michael Schuerig mailto:michael-q5aiKMLteq4b1SvskN2V4Q@public.gmane.org http://www.schuerig.de/michael/ -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Sun, May 2, 2010 at 10:12 AM, jmamma <jacklin10-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> We are evaluating authorization plugins for rails and I wanted to > address the group for some feedback. > > The two we are looking at are: cancan by Ryan Bates and > declarative_authorization. > > If anyone has used either of these and can give me some feedback on > how they have worked out for you that would be great! We would be > using one of these in conjunction with the restul_auth plugin btw. > > One monkey wrench our project throws in to the mix is that we have a > multiple database > per customer model so I''m aware we''ll need to make some changes to the > plugin in order > to make it fit. So if you have customized either of the plugins I > would like how easy / difficult that was. > > --I''m using declarative_authorization and I like it a lot. Also, +1 to authlogic instead of restful_authentication. -- Leonardo Mateo. There''s no place like ~ -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
jmamma wrote:> We are evaluating authorization plugins for rails and I wanted to > address the group for some feedback. > > The two we are looking at are: cancan by Ryan Bates and > declarative_authorization. >I''ve never used either of these, but I''ve been working with DocSavage''s rails_authorization plugin. It''s OK, but declarative_authorization looks like the same thing done a little better IIRC.> If anyone has used either of these and can give me some feedback on > how they have worked out for you that would be great! We would be > using one of these in conjunction with the restul_auth plugin btw.Please, please, *do not* use restful_auth. It may seem easier now, but in a month you''ll regret it as you will have a User model full of unmaintainable generated crap. I echo other posters who recommend Authlogic instead. Best, -- Marnen Laibow-Koser http://www.marnen.org marnen-sbuyVjPbboAdnm+yROfE0A@public.gmane.org -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.