Hire Martians
Hire Martians
9-
Apr
10
Meet us at Tropical on Rails 2026 in São Paulo, Brazil!

Access denied: the missing guide to authorization in Rails

At RailsConf, in Pittsburgh, Pennsylvania, United States

Topics

Share on

This talk discusses common patterns in designing access systems and demonstrates useful code techniques.

Ruby on Rails brings us a lot of useful tools out-of-the-box, but there are missing parts too. For example, for such an essential task as authorization, we are on our own. Even if we choose a trending OSS solution, we still have to care about the way to keep our code maintainable, efficient, and, of course, bug-less.

Working on Rails projects, I’ve noticed some common patterns in designing access systems, as well as useful code techniques I’d like to share with you in this talk.

Video
Slides
Resources
The following resources were mentioned during the presentation or are useful additional information:

In the same orbit

  • Action Policy

    Action Policy

    An authorization framework for Ruby on Rails applications.
    Action Policy logo

Explore more events

  • Pattern matching on the loose
    By Vladimir Dementyev

    Pattern matching on the loose

    RubyConf Austria 2026Vienna, Austria
    Cover for Pattern matching on the loose
    May
    29-
    31
  • Drop your app/services!
    By Vladimir Dementyev

    Drop your app/services!

    Balkan Ruby 2026Sofia, Bulgaria
    Cover for Drop your app/services!
    May
    15-
    16
Book a call

Irina Nazarova CEO at Evil Martians

Evil Martians is a developer tools consultancy founded in 2006. Creators of PostCSS, imgproxy, and 100+ open source projects with 25 billion downloads.

Book a call
Send email instead