I am using the the authorization recipe outlined in Rails Recipes.Is it
possible for one role, say ''admin'', to have access to every
action on every
controller without explicitly having to create a Right for each?
I know this will not work as is, and to force it to do so would violate MVC,
but is there some other way to accomplish having something like this in a
controller:
loggedin=false;
if session[:user]
Applicant.find(session[:user]).roles.each{|r| loggedin=true if
r.name="admin"}
end
skip_before_filter :check_authentication, :check_authorization if loggedin
Thanks,
Howard
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
On 8/24/06, Howard Roberts <hdean.roberts-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> I am using the the authorization recipe outlined in Rails Recipes.Is it > possible for one role, say ''admin'', to have access to every action on every > controller without explicitly having to create a Right for each? > > I know this will not work as is, and to force it to do so would violate MVC, > but is there some other way to accomplish having something like this in a > controller: > > loggedin=false; > if session[:user] > Applicant.find(session[:user]).roles.each{|r| loggedin=true if > r.name=="admin"} > end > skip_before_filter :check_authentication, :check_authorization if loggedin > > > Thanks, > HowardI store * as a wildcard for the action/controller columns, and query for (rights.controller = controller_name OR rights.controller = ''*'') AND <same for action> in my authorized() method. Isak --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
On 8/24/06, Isak Hansen <isak.hansen-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> I store * as a wildcard for the action/controller columns, and query > for (rights.controller = controller_name OR rights.controller = ''*'') > AND <same for action> in my authorized() method. > > > Isak > >Thanks Isak, It seemed so very obvious once I saw your suggestion. I works beautifully. Thank You, Howard --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
I am using the the authorization recipe outlined in Rails Recipes.Is it
possible for one role, say ''admin'', to have access to every
action on every
controller without explicitly having to create a Right for each?
I know this will not work as is, and to force it to do so would violate MVC,
but is there some other way to accomplish having something like this in a
controller:
loggedin=false;
if session[:user]
Applicant.find(session[:user]).roles.each{|r| loggedin=true if
r.name="admin"}
end
skip_before_filter :check_authentication, :check_authorization if loggedin
Thanks,
Howard
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://wrath.rubyonrails.org/pipermail/rails/attachments/20060824/92154834/attachment-0001.html