Topic: Thought about performance, redis, and User Authorization

I'm working on setting up Devise/CanCan (or declarative_authorization) on my app for user auth, and had a thought. A person on one of the articles I was reading was talking about storing priveleges in db to allow an admin to give a user or users access to specific parts of the site(extremely fine-grained control like with the file-system on a computer).

Anyways, that brought me to my idea. Would it be feasible/useful to store permissions in a Redis db? I saw the railscast on I18n backends where Ryan uses redis as a translation store, so I imagine it would work, but would it be worth it (especially if your app has no other use for redis)? It would give flexibility to the end-user (admin) to update privileges as needed but also wouldn't add much in the way of a hit on performance (since it's already in memory).

By the way, this is a hypothetical question for right now. I don't need that kind of granularity on my permissions, and so will declare them the normal way in a class.

Change is a vector. You can have all the change in the world, but if it doesn't go in the right direction, what good is it? |