Managing Roles for Access Control - MikeBlyth/mission_database GitHub Wiki

Information for developers

We’re using the CanCan authorization system. There are a model and controller for Role, but they don’t do anything (can they be removed??). Rather, the different roles such as admin, personnel, and health are just columns (fields) in the User model.

To add a new role, such as security, first set up the column

rails g migration AddSecurityToUser security:boolean
rake db:migrate
rake db:test:prepare

Then edit app/views/users/_roles_form.html.haml to add the new column:

.field
  = formobject.check_box :security 
  = formobject.label :security, "Security Team"