Hi all, I''m using acts_as_authenticated for the front end facing part of my site. I have a model called Customer. I now want to protect the admin sides of things. I am thinking of using Ezra''s acl plugin (http://opensvn.csie.org/ezra/rails/plugins/dev/acl_system2/README) for this. My only problem is that I don''t want the model for admin users to be called Customer, I''d rather it be called User or something (call me pedantic :) So, I could rename my Customer model to User and implement the above plugin which will give me the authorization I want. But then I lose the ability to do: @order.customer.fullname Instead it will be: @order.user.fullname Also, for admin users, I just want to store their username and password, not all the other associated data that goes with a customer. Is this a use for STI? Can I somehow alias the User model so that it can be accessed as Customer as well? Shall I just forget this and live with the name User? :) How do others approach the frontend/backend authorization scenario? I would imagine it''s pretty common. Many thanks, Jord
Hello Jord, 2006/7/25, Jordan Elver <jordan.elver@gmail.com>:> Is this a use for STI? Can I somehow alias the User model so that it > can be accessed as Customer as well? Shall I just forget this and live > with the name User? :)Nothing prevents you from doing: class Order < ActiveRecord::Base belongs_to :customer, :class_name => ''User'', :foreign_key => :customer_id end class User < ActiveRecord::Base has_many :orders, :foreign_key => :customer_id end That takes care of one problem. Secondly, your admin users. Yes, this is a use for STI. You can do this: class User < ActiveRecord::Base validates_presence_of :login, :password end class Customer < User validates_presence_of :address, :phone has_many :orders, :foreign_key => :customer_id, :order => :order_no end class Order < ActiveRecord::Base belongs_to :customer, :foreign_key => :customer_id validates_presence_of :customer_id end Hope that helps ! -- Fran?ois Beausoleil http://blog.teksol.info/
Hi Francois,> Nothing prevents you from doing: > > class Order < ActiveRecord::Base > belongs_to :customer, :class_name => ''User'', :foreign_key => :customer_id > end > > class User < ActiveRecord::Base > has_many :orders, :foreign_key => :customer_id > endThat''s great to know. I always assumed that the association had to be the name of the table. Very useful, thanks.> That takes care of one problem. Secondly, your admin users. Yes, > this is a use for STI. You can do this: > > class User < ActiveRecord::Base > validates_presence_of :login, :password > end > > class Customer < User > validates_presence_of :address, :phone > has_many :orders, :foreign_key => :customer_id, :order => :order_no > end > > class Order < ActiveRecord::Base > belongs_to :customer, :foreign_key => :customer_id > validates_presence_of :customer_id > end > > Hope that helps !It does, greatly. Thank you very much :) I can''t help thinking that this is too much. I only need to password protect a controller with one or two usernames and I wanted to keep the acts_as_authenticated code as DRY as possible, which is why I''ve gone for this idea. Do you think it''s a good idea to mix customers and internal users into the same table? What do you think? Cheers, Jord