I am developing a app in ruby on rails, and I reached a point where I don't know what is my best solution for the fallowing scenario. So far I am able to create Users, create projects, associate users (something like on FB), I am able to invite users to my website and now I would like to allow users to give different levels of access to projects that they created, to other users(something similar with github). Also the users after creating the account they will get a role of superadmin, like that they will be able to manage their on projects, or assign projects to their associates. So which will be my best option between cancan and declarative authorization. Also do I need a table which will store the user_id, role_id, and project_id if I will use cancan or declarative authorization?
Thank you
I will explain my problem better. So far I have User (with devise) which are able to create projects. So, if user1 creates project A and project B I want him, to be able to assign user2 with role admin on project A, and user2 with moderator role on project B. I was thinking in creating a UserRoleProject link table, is it a good idea? Or if not please help me with some pointers.
The action will be something like, User1 select from a list user2, select a project from another list(that user1 created), and select the role that the user2 will have on that project.
Any user will be able to perform the same action on their projects. Also there will be n projects and n users and 3 access levels(admin, moderator, guest)
Thank you
