You can use either one, there is no reason to use one or the other. The key is the readability of your code. Personally, I prefer "if not" because I find it easier to understand.
There are some tangential security issues with this, but they are outside the scope (no pun intended) of multitenancy. The most obvious one is any user can create a resource in another scope by simply POSTing a tenant_id other than his own. To prevent this hole, simply make sure the controller does not accept a tenant_id parameter.
Regardless, this is awesome stuff, well thought out, and extremely helpful. Thanks Ryan!
Very helpful screencast! There are several Rails 4 helper methods for this and similar form building: https://github.com/rails/rails/blob/master/actionview/lib/action_view/helpers/form_options_helper.rb
Though doing it using Ryan's way allows for infinite flexibility.
Both methods of setting hash values work the same, it's a matter of style preference.
Thanks for pointing this out, it helped me get this working in Rails 4.
Rails Guides have a short comment on this: http://guides.rubyonrails.org/association_basics.html#choosing-between-has-many-through-and-has-and-belongs-to-many
Great episode as usual. I love how you test everything. Moving the permissions into a model is definitely the way to go.
You can use either one, there is no reason to use one or the other. The key is the readability of your code. Personally, I prefer "if not" because I find it easier to understand.
Wonderful episode!
There are some tangential security issues with this, but they are outside the scope (no pun intended) of multitenancy. The most obvious one is any user can create a resource in another scope by simply POSTing a tenant_id other than his own. To prevent this hole, simply make sure the controller does not accept a tenant_id parameter.
Regardless, this is awesome stuff, well thought out, and extremely helpful. Thanks Ryan!