I have multiple roles in my application.
Now I want to block a method for all users except the administrator and
a manager.
When I do this:

    before_filter (:check_administrator_role), :only => [:administration]
    before_filter (:check_taskmanager_role), :only => [:administration]

The user must have both roles. How can I change that to an "OR"
combination?
--
Posted via http://www.ruby-forum.com/.

You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en

On Wed, May 21, 2008 at 8:54 AM, Sjoerd Schunselaar <rails-mailing-list-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:
> I have multiple roles in my application.
> Now I want to block a method for all users except the administrator and
> a manager.
> When I do this:
>
>     before_filter (:check_administrator_role), :only => [:administration]
>     before_filter (:check_taskmanager_role), :only => [:administration]
>
> The user must have both roles. How can I change that to an "OR"
> combination?

How about

    before_filter(:admin_authorized), :only => [:administration]

    def admin_authorized
      check_administrator_role || check_taskmanager_role
    end

or

    before_filter :only => [:administration] {|controller, action|
      controller.check_administrator_role ||
      controller.check_taskmanager_role}

--
Rick DeNatale

My blog on Ruby
http://talklikeaduck.denhaven2.com/

Thank you, but both methods do not work.
Maybe I'm stupid (this is my first month with RoR), but in my application
a user has only one role. So the first method does not work. And the
second method I don't understand. What do I have to fill in as
controller, and action? Also he said "{" is unexpected at your second
method.

I've also tried:

    before_filter (:check_administrator_role || :check_taskmanager_role),
      :only => [:administration]

Rick Denatale wrote:
> How about
>
>     before_filter(:admin_authorized), :only => [:administration]
>
>     def admin_authorized
>       check_administrator_role || check_taskmanager_role
>     end
>
> or
>
>     before_filter :only => [:administration] {|controller, action|
>       controller.check_administrator_role ||
>       controller.check_taskmanager_role}
>
> --
> Rick DeNatale
>
> My blog on Ruby
> http://talklikeaduck.denhaven2.com/

On 21 May 2008, at 15:12, Sjoerd Schunselaar wrote:
> Thank you, but both methods do not work.
> Maybe I'm stupid (this is my first month with RoR), but in my application
> a user has only one role. So the first method does not work. And the
> second method I don't understand. What do I have to fill in as
> controller, and action? Also he said "{" is unexpected at your second
> method.
>
> I've also tried:
>
>     before_filter (:check_administrator_role || :check_taskmanager_role),
>       :only => [:administration]

You can't do anything like that. You need to produce a single filter
that performs the check (which seems to be what Rick's suggestion is).

Fred

On Wed, May 21, 2008 at 10:17 AM, Frederick Cheung <frederick.cheung-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> On 21 May 2008, at 15:12, Sjoerd Schunselaar wrote:
>> Thank you, but both methods do not work.
>> Maybe I'm stupid (this is my first month with RoR), but in my application
>> a user has only one role. So the first method does not work. And the
>> second method I don't understand. What do I have to fill in as
>> controller, and action? Also he said "{" is unexpected at your second
>> method.
>>
>> I've also tried:
>>
>>     before_filter (:check_administrator_role || :check_taskmanager_role),
>>       :only => [:administration]
>
> You can't do anything like that. You need to produce a single filter
> that performs the check (which seems to be what Rick's suggestion is).

Yes, that's what I was suggesting.

I think the problem was I didn't really go into how filters work. The
two existing check_xxx_role methods probably look something like:

    def check_administrator_role
      redirect_to somewhere unless user.has_role(:administrator)
    end

    def check_taskmanager_role
      redirect_to somewhere unless user.has_role(:taskmanager)
    end

So my simple admin_authorized method will actually stop the filter
chain unless the user has BOTH roles rather than either. Instead,
rather than calling the other two filter methods, it needs to do
something like:

    def admin_authorized
      redirect_to somewhere unless user.has_role(:administrator) ||
        user.has_role(:taskmanager)
    end

or some equivalent logic.

--
Rick DeNatale

My blog on Ruby
http://talklikeaduck.denhaven2.com/

I was about to suggest something along the lines of Rick's last
suggestion. Why not create a single method with a sponge parameter
so that it accepts one or more role names and returns whether or not
the user is one or more of those roles? If you did that then you
could include the method in your ApplicationController and share the
logic with all your controllers.

    def authorized_for_roles(*roles)
      roles.each{|role_name| return true if user.has_role?(role_name)}
      false
    end

With that you could have a before_filter like this:

    before_filter :authorize_administration, :only=>:administration
    ...
    private
    def authorize_administration
      authorized_for_roles :administrator, :taskmanager
    end

On May 21, 12:20 pm, "Rick DeNatale" <rick.denat...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> Yes, that's what I was suggesting.
>
> I think the problem was I didn't really go into how filters work. The
> two existing check_xxx_role methods probably look something like:
>
>     def check_administrator_role
>       redirect_to somewhere unless user.has_role(:administrator)
>     end
>
>     def check_taskmanager_role
>       redirect_to somewhere unless user.has_role(:taskmanager)
>     end
>
> So my simple admin_authorized method will actually stop the filter
> chain unless the user has BOTH roles rather than either. Instead,
> rather than calling the other two filter methods, it needs to do
> something like:
>
>     def admin_authorized
>       redirect_to somewhere unless user.has_role(:administrator) ||
>         user.has_role(:taskmanager)
>     end
>
> or some equivalent logic.
>
> --
> Rick DeNatale
>
> My blog on Ruby
> http://talklikeaduck.denhaven2.com/

After reading your and Rick's posts I understand what my problem was. Now
I use this in my authentication controller, and it all seems to be working
fine.

    def authorized_for_roles(*roles)
      roles.each{|role| return true if @current_user.has_role?(role)}
      permission_denied
    end

Thank you for the quick and good response!

AndyV wrote:
> I was about to suggest something along the lines of Rick's last
> suggestion. Why not create a single method with a sponge parameter
> so that it accepts one or more role names and returns whether or not
> the user is one or more of those roles? If you did that then you
> could include the method in your ApplicationController and share the
> logic with all your controllers.
>
>     def authorized_for_roles(*roles)
>       roles.each{|role_name| return true if user.has_role?(role_name)}
>       false
>     end
>
> With that you could have a before_filter like this:
>
>     before_filter :authorize_administration, :only=>:administration
>     ...
>     private
>     def authorize_administration
>       authorized_for_roles :administrator, :taskmanager
>     end

Hi... can you explain to me what "@current_user.has_role?(role)"
means? Is "has_role" a method that you define yourself?

Thank you!

On May 22, 2:44 pm, Sjoerd Schunselaar <rails-mailing-l...@andreas-s.net> wrote:
> After reading your and Rick's posts I understand what my problem was. Now
> I use this in my authentication controller, and it all seems to be working
> fine.
>
>     def authorized_for_roles(*roles)
>       roles.each{|role| return true if @current_user.has_role?(role)}
>       permission_denied
>     end
>
> Thank you for the quick and good response!

Hi, I am new to Rails. I tried to create a site with multiple roles as
described above. When I tried the following code

    def authorized_for_roles(*roles)
      roles.each{|role| return true if @current_user.has_role?(role)}
      permission_denied
    end

I got the following error:

    You have a nil object when you didn't expect it!
    The error occurred while evaluating nil.has_role?

Can anyone explain what is wrong? Thank you.

On May 22, 2:44 pm, Sjoerd Schunselaar <rails-mailing-l...@andreas-s.net> wrote:
> After reading your and Rick's posts I understand what my problem was. Now
> I use this in my authentication controller, and it all seems to be working
> fine.
>
>     def authorized_for_roles(*roles)
>       roles.each{|role| return true if @current_user.has_role?(role)}
>       permission_denied
>     end
>
> Thank you for the quick and good response!
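
The behaviour discussed in this thread, as an added example that is not code from any of the posters: a plain-Ruby stand-in for a controller filter chain. FakeController, User, run_filters, outcome and the "/denied" path are hypothetical names, and halting on redirect is a simplified model of how the filters are described above. It shows that two per-role filters, or one filter chaining them with ||, deny a user who holds a single role, while one any-role check allows that user and denies a nil user instead of raising on nil.has_role?.

```ruby
# Constructed stand-in for a controller; not Rails code. All names are hypothetical.
User = Struct.new(:roles) do
  def has_role?(role)
    roles.include?(role)
  end
end

class FakeController
  def initialize(current_user)
    @current_user = current_user
  end

  # Simplified model: the chain halts as soon as a filter has redirected.
  def run_filters(*filters)
    filters.each do |name|
      send(name)
      return :denied if @redirected_to
    end
    :allowed
  end

  def redirect_to(path)
    @redirected_to ||= path # returns the path, which is truthy
  end

  # Per-role filters of the shape guessed at in the thread.
  def check_administrator_role
    redirect_to "/denied" unless authorized_for_roles?(:administrator)
  end

  def check_taskmanager_role
    redirect_to "/denied" unless authorized_for_roles?(:taskmanager)
  end

  # Chaining the redirecting filters: whichever role is missing still redirects.
  def admin_authorized_chained
    check_administrator_role || check_taskmanager_role
  end

  # One filter, one decision, one redirect.
  def authorize_administration
    redirect_to "/denied" unless authorized_for_roles?(:administrator, :taskmanager)
  end

  # True if the user holds any listed role; a missing (nil) user is denied.
  def authorized_for_roles?(*roles)
    !@current_user.nil? && roles.any? { |role| @current_user.has_role?(role) }
  end
end

def outcome(user, *filters)
  FakeController.new(user).run_filters(*filters)
end
```

For example, outcome(User.new([:taskmanager]), :authorize_administration) returns :allowed, while the same user run through :admin_authorized_chained gets :denied.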