Hello I am new to rails and have a design issue. Although I have a proposed solution I am far from sure how robust it is. I would appreciate any feedback. My application is team based: - A user can only be in one team - Team members(user) cannot view/edit another team''s content Team A -User -Widget --Part Team B -User -Widget --Part I need to: - identify the team from the user - create members for a team So everything is simple - just create a User model that belongs_to the Team (has_many users). Except I need admin users to manage the teams. My problem is how best to manage this? I think I need a User model and a Member model. The user handles authentication, a user without a member association is an admin and the member belongs to the Team. Perhaps something like this: Team has_many :members Member belongs_to :team has_one :user attr :team_role User belongs_to: member authenticates! attr :admin_role However, this doesn''t seem correct because the User still belongs to Team. I am sure that at least the relationship between user & member is incorrect. Can you suggest a better (more conventional) solution? Many Thanks Polly -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
On 12 May 2013 09:34, Polly Hay <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Hello > > I am new to rails and have a design issue. Although I have a proposed > solution I am far from sure how robust it is. I would appreciate any > feedback. > > My application is team based: > - A user can only be in one team > - Team members(user) cannot view/edit another team''s content > > Team A > -User > -Widget > --Part > > Team B > -User > -Widget > --Part > > I need to: > - identify the team from the user > - create members for a team > > So everything is simple - just create a User model that belongs_to the > Team (has_many users). Except I need admin users to manage the teams. My > problem is how best to manage this? > > I think I need a User model and a Member model. The user handles > authentication, a user without a member association is an admin and the > member belongs to the Team. Perhaps something like this: > > Team > has_many :members > > Member > belongs_to :team > has_one :user > attr :team_role > > User > belongs_to: member > authenticates! > attr :admin_role > > However, this doesn''t seem correct because the User still belongs to > Team. I am sure that at least the relationship between user & member is > incorrect. Can you suggest a better (more conventional) solution?Keep it simple, just have one user table with a flag to say whether it is an admin user or not. This would also allow an admin user to be a member of a team. You could look at the cancan gem which will handle multiple roles but that is probably overkill for this case. A question, can a user be in more than one team? If so then you will need a different setup. Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Hello Colin Thanks for your response. A user can only belong to one team. Admins will never belong to a team. So, if I understand you correctly: Team has_many :users User belongs_to :team attr :admin (bool) I am concerned that an admin will have no team but the model "belongs_to" a team. It just doesn''t feel right. It will require many "if" statements (in controllers?) which I understand (but could be wrong) isn''t very mvc/oo. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
On 12 May 2013 12:24, Polly Hay <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: Could you not top post please? Insert your reply inline in previous message, it makes it easier to follow the thread. Thanks.> Hello Colin > > Thanks for your response. > > A user can only belong to one team. Admins will never belong to a team.OK, that is significant.> > So, if I understand you correctly: > > Team > has_many :users > > User > belongs_to :team > attr :admin (bool) > > I am concerned that an admin will have no team but the model > "belongs_to" a team. It just doesn''t feel right. It will require many > "if" statements (in controllers?) which I understand (but could be > wrong) isn''t very mvc/oo.Some questions. I presume that admin users will login to the application. Is that also true of members, or are they just data within the app? Also do members and users have attributes in common such as name, email etc? If members do login then what can they do? Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Hello Colin Thanks again. Here are my answers. Admin users log in to manage the Teams and Team Members Team Members are real people who log in to view and manage data that belongs to their Team. [Team data is private - it can only be viewed and managed by team members. All teams will build data using the same (deeply nested) models.] The only attributes shared by Admin & Members are those required for authorisation/authentication. Polly -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Let me try to describe it clearly in one post: * AdminUsers only manage the Team & Member objects. * Members build Team data by managing all objects under Team (Thing, Widget, Part). * Team data is private to Team Members. ********************************************** AdminUser Team A -MemberUser -Thing --Widget ---Part Team B -MemberUser -Thing --Widget ---Part -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
On 12 May 2013 14:09, Polly Hay <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: You obviously missed my request to not top post, so that it is easier to follow the thread.> Let me try to describe it clearly in one post: > > * AdminUsers only manage the Team & Member objects. > * Members build Team data by managing all objects under Team (Thing, > Widget, Part). > * Team data is private to Team Members. > > ********************************************** > > AdminUser > > Team A > -MemberUser > -Thing > --Widget > ---Part > > Team B > -MemberUser > -Thing > --Widget > ---PartSince they both have to be authenticated then obviously there has to be at least a common table for the authentication data. Basically then you need to allow one sort of user to access certain controllers and methods and another sort of user to access a different set of controller methods. You can put this in the before filter where you do the authentication check. As well as checking that a user is logged in, check that it is the right sort of user. Probably the only place you need to check is in the before filters. Colin> > -- > Posted via http://www.ruby-forum.com/. > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Colin Law wrote in post #1108653:> On 12 May 2013 14:09, Polly Hay <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: > > You obviously missed my request to not top post, so that it is easier > to follow the thread. > >> >> ---Part > Since they both have to be authenticated then obviously there has to > be at least a common table for the authentication data. > > Basically then you need to allow one sort of user to access certain > controllers and methods and another sort of user to access a different > set of controller methods. You can put this in the before filter > where you do the authentication check. As well as checking that a > user is logged in, check that it is the right sort of user. Probably > the only place you need to check is in the before filters. > > ColinSorry, yes I did miss your request to not top post. I have pressed reply this time - I hope this is what you meant. I think you stand by your original suggestion - one User model belonging to Team and with an Admin bool. Thanks for your help. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
On 12 May 2013 14:38, Polly Hay <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Colin Law wrote in post #1108653: >> On 12 May 2013 14:09, Polly Hay <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: >> >> You obviously missed my request to not top post, so that it is easier >> to follow the thread. >> >>> >>> ---Part >> Since they both have to be authenticated then obviously there has to >> be at least a common table for the authentication data. >> >> Basically then you need to allow one sort of user to access certain >> controllers and methods and another sort of user to access a different >> set of controller methods. You can put this in the before filter >> where you do the authentication check. As well as checking that a >> user is logged in, check that it is the right sort of user. Probably >> the only place you need to check is in the before filters. >> >> Colin > > Sorry, yes I did miss your request to not top post. I have pressed reply > this time - I hope this is what you meant. > > I think you stand by your original suggestion - one User model belonging > to Team and with an Admin bool.I think that is the way I would do it. By mentioning the before_filters I was pointing out there should be very few places where you should have to test. I mentioned the cancan gem earlier, I suggest you also have a look at that, it may be a bit of overkill but it is still worth looking at to see what it can do for you. Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.