siny: authorization & ajax

Curriculum: Authorization & AJAX

Winter 2017

Authorization & AJAX - Immersive1.) Authorization (~ 60 minutes)2.) AJAX (~ 60 minutes)3.) Pairing (~30 minutes)Authorization & AJAX - Debrief4.) Authorization (~ 20 minutes)5.) AJAX (~ 20 minutes)6.) Pairing (~ 80 minutes)

Agenda

Immersive

Authorization

AuthorizationAuthentication verifies who you are.Authorization verifies what you are authorized to do.

Authentication

Authentication

Authorization

Authorization

CanCanCan

CanCanCan

Pundit

Pundit

has_many :through

belongs_toA belongs_to association sets up a one-to-one connection with another model, such that each instance of the declaring model "belongs to" one instance of the other model.

belongs_to

belongs_to

A has_one association also sets up a one-to-one connection with another model, but with somewhat different semantics (and consequences).

has_one

has_one

has_one

A has_many association indicates a one-to-many connection with another model. You'll often find this association on the "other side" of a belongs_to association.

has_many

has_many

has_many

A has_many :through association is often used to set up a many-to-many connection with another model. This association indicates that the declaring model can be matched with zero or more instances of another model by proceeding through a third model.

has_many :through

has_many :through

has_many :through

AJAX

AJAXAsynchronous Javascript And XML

AJAX allows web pages to be updated asynchronously by exchanging data with a web server behind the scenes. This means that it is possible to update parts of a web page, without reloading the whole page.

AJAX

AJAX

AJAX

AJAX in Rails (forms)

AJAX in Rails (forms)

AJAX in Rails (forms)

AJAX in Rails (links)

AJAX in Rails (links)

AJAX in Rails (buttons)

AJAX in Rails (buttons)

AJAX in Rails

Debrief

Authorization- What is a authorization?- How is authorization different than

authentication?- What is role-based authorization?- How can our role-based authorization be

extended to support multiple roles at once (i.e. a owner that can be a regional manager)?

- What is AJAX?- What is a has_many :through association in

Rails, is it the only many to many association?- How is AJAX different than websockets?

AJAX