O'Reilly logo

Learning Devise for Rails by Nia Mutiara, Hafiz, Giovanni Sakti

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3. Privileges

In the previous chapter, you learned how to use Devise authentication features such as user session and registration management (sign-in, sign-up, sign-out, and so on).

After users are logged in, you will want to make sure that they can only access pages and page elements that they are supposed to see. You will want to define access control rules or privileges so that users cannot see protected resources, such as other users' private posts. The process of applying the rules in our web application is called authorization.

In Rails apps, the CanCan gem (https://github.com/ryanb/cancan) can be used for authorization by defining and applying privileges of what users can or cannot do. At the same time, Devise will still be used ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required