I have long struggled with the difference between authentication and authorization. They both revolve around user permissions and signing in and out. But I recently found out the difference and made a small mnemonic for keeping them straight:
- Authentication is about proving you are who you say you are i.e., you are authentic.
- Authorization is about permissions. We know who you are and no you’re not authorized to go backstage. Sir… Sir!
Rails has many conventions. It’s one of the reasons I’ve felt so successful with it. I can let go of a lot of decisions and trust the framework to do the right thing. However, it doesn’t (and couldn’t) have a convention for everything. For instance, there’s no convention for what to call an identifying string on a model.
What is the field you identify a
Category by? Here are some choices:
title is probably the best choice out of those. However there are many circumstances where
name works just as well:
There are many options and it starts to get pretty confusing, especially since there are multiple names that make sense in the same situation. I’ve been on many projects where we’ve used these interchangeably and it’s a mess.
So here’s what I’m trying:
- For a person or animal, use
- For longer text content (often represented by the
text column type), use
- For everything else, use
This won’t cover everything, of course. Categories can have a
name and Products can have a
label, but sticking to title instead doesn’t break many grammar rules. And like with everything in Rails, occasional exceptions are just fine.