Sign in through GitHub

Please read for an updated status on RailsCasts:

Learn more or hide this

Applied Filters: Authorization x
Multitenancy with PostgreSQL
Episode #389Oct 27, 201245 comments

Multitenancy with PostgreSQL

PostgreSQL Schemas can help create a multi-tenant app by keeping data separate at the database layer. Integrating with migrations can be tricky though, so watch this episode for the full details. (11 minutes)
Multitenancy with Scopes
Episode #388Oct 20, 201246 comments

Multitenancy with Scopes

A multi-tenant application can be difficult to implement because the data for each tenant must be completely separate. Here I show how to do this using subdomains and default scopes in Active Record. (12 minutes)
Authorization from Scratch Part 2
Episode #386Oct 11, 201238 comments

Authorization from Scratch Part 2

This finishes the series on building authorization from scratch by refactoring the permission logic into a DSL, restricting authorization with attributes, and combining with strong_parameters to protect params. (20 minutes)
Authorization from Scratch Part 1
Episode #385Oct 07, 201228 comments

Authorization from Scratch Part 1

Authorization can be difficult to implement and test because it often involves complex logic that exists throughout the entire app. Here I demonstrate how to test and implement authorization from scratch. (15 minutes)
Strong Parameters
Episode #371Aug 03, 201238 comments

Strong Parameters

The strong_parameters gem is an improvement over attr_accessible to securely handle mass assignment even when you have complex authorization logic. The functionality will likely be added to Rails 4 so it is a good idea to learn how it works. (12 minutes)
Authorization with CanCan
Episode #192Dec 14, 200979 comments

Authorization with CanCan

CanCan is a simple authorization plugin that offers a lot of flexibility. See how to use it in this episode. (15 minutes)
Declarative Authorization
Episode #188Nov 16, 200984 comments

Declarative Authorization

Declarative authorization provides an advanced and powerful solution for role based authorization. (15 minutes)