All,
This is more of a theoretical question I suppose - I''m looking for what
the
consensus is for the "correct" approach in Rails/MVC.
I have a standard security model where a User can have many Roles. There is
a User model, a Role model, and in the db, a linking table, etc. Each role
has a name as well as a category (say, name="waiter",
category="restaurant
worker", for example).
I can check to see of a user has a particular role by doing something along
the lines of
@session[:user].roles.include?(Role.find_by_category("restaurant
worker"))
There is probably a shorter way of doing this, but the point is this:
Would it be "correct" in the Rails/MVC world to add a method to the
User
model so that you could do
@session[:user].has_role_category?("restaurant worker")
(with a better name, of course :-)
Any downside to taking this approach? Is there a "better" one that I
should
consider?
Thoughts?
TIA,
Keith
I would say if it improves code readability you should always add a method. In your example it''s arguable whether that''s the case (both seem pretty readable to me). I wouldn''t do it for the sake of it. On 16 Dec 2005, at 15:13, Keith Lancaster wrote:> All, > This is more of a theoretical question I suppose - I''m looking for > what the > consensus is for the "correct" approach in Rails/MVC. > > I have a standard security model where a User can have many Roles. > There is > a User model, a Role model, and in the db, a linking table, etc. > Each role > has a name as well as a category (say, name="waiter", > category="restaurant > worker", for example). > I can check to see of a user has a particular role by doing > something along > the lines of > > @session[:user].roles.include?(Role.find_by_category("restaurant > worker")) > > There is probably a shorter way of doing this, but the point is this: > Would it be "correct" in the Rails/MVC world to add a method to the > User > model so that you could do > > @session[:user].has_role_category?("restaurant worker") > > (with a better name, of course :-) > Any downside to taking this approach? Is there a "better" one that > I should > consider? > > Thoughts? > TIA, > Keith > > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails
The user should be responsible for itself. Your second approach is the more object-oriented way. Although you might even ask it to report its actual category, not whether it is a certain kind. e.g. session[:user].role >> ''restaurant worker'' - Rabbit --- On 12/16/05, Steven Mohapi-Banks <steven.mohapibanks-ee4meeAH724@public.gmane.org> wrote:> > I would say if it improves code readability you should always add a > method. In your example it''s arguable whether that''s the case (both > seem pretty readable to me). I wouldn''t do it for the sake of it. > > > On 16 Dec 2005, at 15:13, Keith Lancaster wrote: > > > All, > > This is more of a theoretical question I suppose - I''m looking for > > what the > > consensus is for the "correct" approach in Rails/MVC. > > > > I have a standard security model where a User can have many Roles. > > There is > > a User model, a Role model, and in the db, a linking table, etc. > > Each role > > has a name as well as a category (say, name="waiter", > > category="restaurant > > worker", for example). > > I can check to see of a user has a particular role by doing > > something along > > the lines of > > > > @session[:user].roles.include?(Role.find_by_category("restaurant > > worker")) > > > > There is probably a shorter way of doing this, but the point is this: > > Would it be "correct" in the Rails/MVC world to add a method to the > > User > > model so that you could do > > > > @session[:user].has_role_category?("restaurant worker") > > > > (with a better name, of course :-) > > Any downside to taking this approach? Is there a "better" one that > > I should > > consider? > > > > Thoughts? > > TIA, > > Keith > > > > > > _______________________________________________ > > Rails mailing list > > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
On Friday 16 December, Keith Lancaster wrote:> @session[:user].roles.include?(Role.find_by_category("restaurant worker"))Look up the law of demeter. I forget the exact wording, but the way I think of it is something like this: "it''s okay to play with your friends, and it''s acceptable to play with your friends'' friends, but that''s it". In other words, it''s okay for a user to know about methods on a role object, but you shouldn''t really go further afield than that without wrapping stuff up in methods. I find this approach reduces the number of things that need changing when something needs refactoring, which is great as anything that puts you off refactoring is likely to reduce the readability of your code. It also makes the code you write easier to understand.> @session[:user].has_role_category?("restaurant worker")This one leaves little room for doubt about it''s intent, and is therefore preferable in my opinion. -- Graham