Rails - May 2006 - Hiding HTML Markup

Hi,

THis may be a simple question. I am trying to hide some HTML markup 
language depending on a value. So for example I have the following in an 
RHTML file:

<%if session[:role]=="Administrator" %>
 <label><Strong>Administration</strong></label><br>
 <%= link_to("Users",
:controller=>"Users",:action=>"list") %></br>
<%end>

I want to be able to hide the Label part if the user is not an 
Administrator and output it if the user is.

I dont know how to do it using Rails.
Could somebody give me an idea
Thanks

-- 
Posted via http://www.ruby-forum.com/.

<% else %>

-- 
Posted via http://www.ruby-forum.com/.

John Philp wrote the following on 29.05.2006 16:57 :
>Hi,
>
>THis may be a simple question. I am trying to hide some HTML markup 
>language depending on a value. So for example I have the following in an 
>RHTML file:
>
><%if session[:role]=="Administrator" %>
>
<label><Strong>Administration</strong></label><br>
> <%= link_to("Users",
:controller=>"Users",:action=>"list") %></br>
><%end>
>
>I want to be able to hide the Label part if the user is not an 
>Administrator and output it if the user is.
>
>  
>
It should work as is (minus the missing % after "end" problem).

One remark, though :
you should not have a "session[:role]" if role is a user property.

You should probably code an accessor like the following, made available 
through application.rb and application_helper.rb:

    def current_role
        current_user ? current_user.role : nil
    end
    def current_user
        # Cache the User instance (probably used multiple times in a 
request)
        return @cached_user if @cached_user
        # The find (:first ...) instead of a "find(id)" avoids 
exceptions when the id isn''t in DB
        session[:user_id] ? (@cached_user = User.find(:first,
                                                            :conditions 
=> [ ''id = ?'', session[:user_id]])) : nil
    end

@cached_user avoids multiple calls to the DB. You end up 1/ restoring 
the session, 2/ doing a single find for your user on each request 
instead of only 1/ restoring the session.
Roughly the same amount of data is transferred but this is a little bit 
slower than a single request. So why bother? You get a lot of robustness 
for a very small perf penalty, see below.

Your login method should only put the logged-in user id in session. 
Otherwise you''ll get multiple problems:
- when restoring sessions you''ll need various models pre-loaded when 
restoring the user (depending on the objects stored in the session 
through the user instance which can cache itself other objects), in 
short all associated models must be loaded by a
model :<model1>, ..., :<modeln>
line in application.rb to avoid such problems.

- when changing the user model, you can''t restore the sessions anymore 
(objects dumped with old models can''t be restored with the new one),
- changes applied to the logged in user or associated cached objects 
aren''t visible if done by using other instances of the same objects (in
other sessions but also in the same session...).

In short, you''ll avoid a lot of trouble by neither storing more than
the
smallest bit of information you need in session: the user id. In 
practice, the perf penalty isn''t even noticeable.

Lionel.

Looks like your using the User Engine

If that''s true they have a helper method that''s most
efficient:

<%=link_if_authorized(''Edit'', 

{:controller=>''listing'',:action=>''edit'',
:id => @listing } ) %>


Will only show the link if the current users is allowed to


-----Original Message-----
From: rails-bounces@lists.rubyonrails.org
[mailto:rails-bounces@lists.rubyonrails.org] On Behalf Of Lionel Bouton
Sent: Monday, May 29, 2006 8:27 AM
To: rails@lists.rubyonrails.org
Subject: Re: [Rails] Hiding HTML Markup

John Philp wrote the following on 29.05.2006 16:57 :
>Hi,
>
>THis may be a simple question. I am trying to hide some HTML markup 
>language depending on a value. So for example I have the following in an 
>RHTML file:
>
><%if session[:role]=="Administrator" %>
>
<label><Strong>Administration</strong></label><br>
> <%= link_to("Users",
:controller=>"Users",:action=>"list") %></br>
><%end>
>
>I want to be able to hide the Label part if the user is not an 
>Administrator and output it if the user is.
>
>  
>
It should work as is (minus the missing % after "end" problem).

One remark, though :
you should not have a "session[:role]" if role is a user property.

You should probably code an accessor like the following, made available 
through application.rb and application_helper.rb:

    def current_role
        current_user ? current_user.role : nil
    end
    def current_user
        # Cache the User instance (probably used multiple times in a 
request)
        return @cached_user if @cached_user
        # The find (:first ...) instead of a "find(id)" avoids 
exceptions when the id isn''t in DB
        session[:user_id] ? (@cached_user = User.find(:first,
                                                            :conditions 
=> [ ''id = ?'', session[:user_id]])) : nil
    end

@cached_user avoids multiple calls to the DB. You end up 1/ restoring 
the session, 2/ doing a single find for your user on each request 
instead of only 1/ restoring the session.
Roughly the same amount of data is transferred but this is a little bit 
slower than a single request. So why bother? You get a lot of robustness 
for a very small perf penalty, see below.

Your login method should only put the logged-in user id in session. 
Otherwise you''ll get multiple problems:
- when restoring sessions you''ll need various models pre-loaded when 
restoring the user (depending on the objects stored in the session 
through the user instance which can cache itself other objects), in 
short all associated models must be loaded by a
model :<model1>, ..., :<modeln>
line in application.rb to avoid such problems.

- when changing the user model, you can''t restore the sessions anymore 
(objects dumped with old models can''t be restored with the new one),
- changes applied to the logged in user or associated cached objects 
aren''t visible if done by using other instances of the same objects (in
other sessions but also in the same session...).

In short, you''ll avoid a lot of trouble by neither storing more than
the
smallest bit of information you need in session: the user id. In 
practice, the perf penalty isn''t even noticeable.

Lionel.
_______________________________________________
Rails mailing list
Rails@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/listinfo/rails