Here is a plain-ruby approach for a flexible and expendable authorization solution to authorize actions that a user can?
perform within an account or organization based on their access_level
.
class CreateMembers < ActiveRecord::Migration[6.0]
def change
create_table :members do |t|
t.references :account, null: false, foreign_key: true
t.integer :access_level
t.references :user, foreign_key: true