Hi all!
I have the following situation:
class User < ActiveRecord::Base
belongs_to :customer
end
class Customer < ActiveRecord::Base
has_many :events
end
Now, I want to access all customer events from my user, so I added
delegate :events, :to => :customer
This works great, but I would like to enforce some access control over
my objects and would like to do this in the user model and not in a lot
of places inside controllers. Normally, a user should only be able to
CRUD his/her own events, but an admin should be able to access all. The
following I tried in the User class:
alias real_events events
def events
if is_admin? then
Event.find(:all)
else
real_events
end
end
This works great for a normal user, since in controllers, I can do
something like current.user.events.find(1). The problem however is that
a real Array is returned when current_user.is_admin? and not a
association proxy. When calling find() on a normal array, a block is
expected.
Is there a way to overcome this issue or to structure it in a different
way?
Thanks!
Wouter
--
Posted via http://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---