View: 
Categories
- Active Record
- Active Resource
- Active Support
- Administration
- Ajax
- APIs
- Authentication
- Authorization
- Background Jobs
- Caching
- Code Walkthrough
- Controllers
- Debugging
- Deployment
- eCommerce
- Forms
- Mailing
- Models
- Performance
- Plugins
- Production
- Rack
- Rails 2.0
- Rails 2.1
- Rails 2.2
- Rails 2.3
- Rails 3.0
- Rails 3.1
- Rails 3.2
- Rails 4.0
- Refactoring
- Routing
- Search
- Security
- Testing
- Tools
- Views
Authorization from Scratch Part 2
This finishes the series on building authorization from scratch by refactoring the permission logic into a DSL, restricting authorization with attributes, and combining with strong_parameters to protect params.
(20 minutes)
Multitenancy with Scopes
A multi-tenant application can be difficult to implement because the data for each tenant must be completely separate. Here I show how to do this using subdomains and default scopes in Active Record.
(12 minutes)
Multitenancy with PostgreSQL
PostgreSQL Schemas can help create a multi-tenant app by keeping data separate at the database layer. Integrating with migrations can be tricky though, so watch this episode for the full details.
(11 minutes)
Authorization from Scratch Part 1
Authorization can be difficult to implement and test because it often involves complex logic that exists throughout the entire app. Here I demonstrate how to test and implement authorization from scratch.
(15 minutes)
Strong Parameters
The strong_parameters gem is an improvement over attr_accessible to securely handle mass assignment even when you have complex authorization logic. The functionality will likely be added to Rails 4 so it is a good idea to learn how it works.
(12 minutes)
Authorization with CanCan
CanCan is a simple authorization plugin that offers a lot of flexibility. See how to use it in this episode.
(15 minutes)
Declarative Authorization
Declarative authorization provides an advanced and powerful solution for role based authorization.
(15 minutes)