RailsCasts Pro episodes are now free!

Learn more or hide this

Applied Filters: authorization xAuthorization x
Authorization from Scratch Part 2
Episode #386Oct 11, 201297 comments

Authorization from Scratch Part 2

This finishes the series on building authorization from scratch by refactoring the permission logic into a DSL, restricting authorization with attributes, and combining with strong_parameters to protect params. (20 minutes)
Authorization from Scratch Part 1
Episode #385Oct 07, 201282 comments

Authorization from Scratch Part 1

Authorization can be difficult to implement and test because it often involves complex logic that exists throughout the entire app. Here I demonstrate how to test and implement authorization from scratch. (15 minutes)
Declarative Authorization
Episode #188Nov 16, 2009114 comments

Declarative Authorization

Declarative authorization provides an advanced and powerful solution for role based authorization. (15 minutes)
Authorization with CanCan
Episode #192Dec 14, 2009114 comments

Authorization with CanCan

CanCan is a simple authorization plugin that offers a lot of flexibility. See how to use it in this episode. (15 minutes)
Strong Parameters
Episode #371Aug 03, 201275 comments

Strong Parameters

The strong_parameters gem is an improvement over attr_accessible to securely handle mass assignment even when you have complex authorization logic. The functionality will likely be added to Rails 4 so it is a good idea to learn how it works. (12 minutes)