When it comes to Authorization/Authentication devise + cancan are usually my gems of choice. After the release of Rails4's strong parameters I've been looking into using the cancan_strong_parameters gem.
I can't shake the feeling that this approach seems a bit 'hacky'. The other options seems to be TheRole gem or simply rolling my own auth from scratch.
Was hoping anyone with first hand experience here could give a few pointers on how they tackled the problem, what problems the faced and where each approach fell short (if anywhere).
I know this isn't a clean cut StackOverflow typed question, but there doesn't seem to be much info regarding this subject when Googling. Thanks.
Have you read the discussion in PR 763 "support for strong_parameters"?
In short, until cancan 2 comes out, some people are using Oliver Morgan's fork.