I have a list of items in which some are locked. if they are locked then I want to make them not be able to be edited. how can i set up something like this: before_filter :locked?(item), :only => [:edit, :update] def locked?(item) if item.locked then return false end or how should i be doing this? thanks! -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Frederick Cheung
2008-Nov-09 21:38 UTC
Re: before_filter to restrict user from editing locked item
On 9 Nov 2008, at 20:19, Scott Kulik wrote:> > I have a list of items in which some are locked. if they are locked > then I want to make them not be able to be edited. > > how can i set up something like this: > > before_filter :locked?(item), :only => [:edit, :update] > > def locked?(item) > if item.locked then return false > endWell you can''t pass an argument to a filter like that. you''d have to fetch the item first (I presume this is all boilerplate stuff so you''re interested in the one of id params[:id]. Also, returning false from a filter doesn''t do anything any more - you need to render or redirect to halt the filter chain. Fred> > > or how should i be doing this? > > thanks! > -- > Posted via http://www.ruby-forum.com/. > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Scott Kulik
2008-Nov-10 00:58 UTC
Re: before_filter to restrict user from editing locked item
Frederick Cheung wrote:> On 9 Nov 2008, at 20:19, Scott Kulik wrote: > >> end > Well you can''t pass an argument to a filter like that. you''d have to > fetch the item first (I presume this is all boilerplate stuff so > you''re interested in the one of id params[:id]. > Also, returning false from a filter doesn''t do anything any more - you > need to render or redirect to halt the filter chain. > > Fredthanks for the info fred. i was just thinking that I should probably do the checking to see if an item is locked in the model before updating. so in item.rb: before_save :validate def validate @user = User.find_by_id(session[:user_id]) if self.locked == 1 && @user.admin == 1 self.errors.add_to_base("This item is locked and can only be edited by an administrator.") return false end end the only problem i have here is that I am unable to access the session variable or the "admin?" function in my authenticated_system library. is there an easy solution to check if a user is an admin from a model? this way sounds like it might be a little easier then using a boilerplate. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Frederick Cheung
2008-Nov-10 09:11 UTC
Re: before_filter to restrict user from editing locked item
On Nov 10, 12:58 am, Scott Kulik <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Frederick Cheung wrote:> > thanks for the info fred. > > i was just thinking that I should probably do the checking to see if an > item is locked in the model before updating. so in item.rb: >Personally I would keep this in the controller. For example if you had a cron job that updating items at night or something like that you wouldn''t want to have to fake up a user for that. Fred> before_save :validate > > def validate > > @user = User.find_by_id(session[:user_id]) > > if self.locked == 1 && @user.admin == 1 > self.errors.add_to_base("This item is locked and can only be > edited by an administrator.") > return false > end > end > > the only problem i have here is that I am unable to access the session > variable or the "admin?" function in my authenticated_system library. > > is there an easy solution to check if a user is an admin from a model? > this way sounds like it might be a little easier then using a > boilerplate. > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Scott Kulik
2008-Nov-10 20:03 UTC
Re: before_filter to restrict user from editing locked item
Frederick Cheung wrote:> On Nov 10, 12:58�am, Scott Kulik <rails-mailing-l...-ARtvInVfO7m5VldFQK4jKA@public.gmane.orgt> > wrote: >> Frederick Cheung wrote: > >> >> thanks for the info fred. >> >> i was just thinking that I should probably do the checking to see if an >> item is locked in the model before updating. �so in item.rb: >> > Personally I would keep this in the controller. For example if you had > a cron job that updating items at night or something like that you > wouldn''t want to have to fake up a user for that. > > Fredthanks fred, i put it in the controller and it''s working great. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---