Hi Forum, I hope someone can help me. I have a client who has asked me to develop a project status tracking application using Ruby on Rails which will enable various business partners to view the status of various projects that are currently in progress. Each business partner will have projects which they can view the status. There will be projects which some business partners cannot view the status. Would someone please direct me to a plug-in or tutorial or book which will enable me to setup this scenario in Ruby on Rails. I suppose what I''m really looking for is a facility to not only perform Authentication (i.e., registration, login, logout, etc.) but also Access Control to projects in this case (e.g., User A can view Projects A, B & C, but not Projects D, E & F, in fact, User A doesn''t even know that Projects D, E & F exist). I hope someone can provide direction. Thanks in advance. Kind Regards Walter --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Have a look at: http://www.railsforum.com/viewtopic.php?id=14216 And particularly post #5, where the author explains about different "areas" of the application, selecting by the user role. Regards, Rey9999 On 22 Mag, 09:27, Walter Lockhart <walterlockh...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hi Forum, > > I hope someone can help me. > > I have a client who has asked me to develop a project status tracking > application using Ruby on Rails which will enable various business > partners to view the status of various projects that are currently in > progress. > > Each business partner will have projects which they can view the > status. There will be projects which some business partners cannot > view the status. > > Would someone please direct me to a plug-in or tutorial or book which > will enable me to setup this scenario in Ruby on Rails. > > I suppose what I''m really looking for is a facility to not only > perform Authentication (i.e., registration, login, logout, etc.) but > also Access Control to projects in this case (e.g., User A can view > Projects A, B & C, but not Projects D, E & F, in fact, User A doesn''t > even know that Projects D, E & F exist). > > I hope someone can provide direction. > > Thanks in advance. > > Kind Regards > > Walter--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
i would probably start with good old faithful restful_authentication plugin. This wil give you your basic login/registration pattern Next, I add acl_system2 plugin, which allows me to lock down certain sections of the website programmatically by adding roles to users. Very easy. Next I would create my models controllers and views for the Projects Next I would use a polymorphic has_many :through association to "attach" projects to users. By using polymorphism you allow the flexibillity to create other types of assets that users might be restricted in viewing Finally i would create a helper method within the User model that allowed me to check whether a project is viewable by a specific user e.g. current_user.allowed?(project) e.g. user table id | login | hashed_password | email roles table id | title roles_users table user_id | role_id projects table id | name | description | created_at | updated_at assetables table (this is your polymorphic association table, where you assign projects to your users) id | user_id | assetable_id | assetable_type I always get confused with the polymorphic association syntax. If you''re stuck, get hold of acts_as_taggable_on_steroids and copy the way they do it, or, just drop back to a has_and_belongs_to_many association until you really need to use polymorphism. BTW I find make_resourceful invaluable when dealing with polymorphic resources, and, in fact all RESTful controllers. You might like to take a look too mr.hamptoncaitlin.com. Take a look inside the actions.rb file to see what it''s doing under the hood. Good luck Joe On May 22, 8:27 am, Walter Lockhart <walterlockh...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hi Forum, > > I hope someone can help me. > > I have a client who has asked me to develop a project status tracking > application using Ruby on Rails which will enable various business > partners to view the status of various projects that are currently in > progress. > > Each business partner will have projects which they can view the > status. There will be projects which some business partners cannot > view the status. > > Would someone please direct me to a plug-in or tutorial or book which > will enable me to setup this scenario in Ruby on Rails. > > I suppose what I''m really looking for is a facility to not only > perform Authentication (i.e., registration, login, logout, etc.) but > also Access Control to projects in this case (e.g., User A can view > Projects A, B & C, but not Projects D, E & F, in fact, User A doesn''t > even know that Projects D, E & F exist). > > I hope someone can provide direction. > > Thanks in advance. > > Kind Regards > > Walter--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
or.. you could do it all yourself, like the post that just beat me! ;) On May 22, 9:26 am, Wildtangent <wildtang...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> i would probably start with good old faithful restful_authentication > plugin. This wil give you your basic login/registration pattern > Next, I add acl_system2 plugin, which allows me to lock down certain > sections of the website programmatically by adding roles to users. > Very easy. > > Next I would create my models controllers and views for the Projects > Next I would use a polymorphic has_many :through association to > "attach" projects to users. By using polymorphism you allow the > flexibillity to create other types of assets that users might be > restricted in viewing > Finally i would create a helper method within the User model that > allowed me to check whether a project is viewable by a specific user > e.g. current_user.allowed?(project) > > e.g. > user table > id | login | hashed_password | email > > roles table > id | title > > roles_users table > user_id | role_id > > projects table > id | name | description | created_at | updated_at > > assetables table (this is your polymorphic association table, where > you assign projects to your users) > id | user_id | assetable_id | assetable_type > > I always get confused with the polymorphic association syntax. If > you''re stuck, get hold of acts_as_taggable_on_steroids and copy the > way they do it, or, just drop back to a has_and_belongs_to_many > association until you really need to use polymorphism. > > BTW I find make_resourceful invaluable when dealing with polymorphic > resources, and, in fact all RESTful controllers. You might like to > take a look too mr.hamptoncaitlin.com. Take a look inside the > actions.rb file to see what it''s doing under the hood. > > Good luck > > Joe > > On May 22, 8:27 am, Walter Lockhart <walterlockh...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > Hi Forum, > > > I hope someone can help me. > > > I have a client who has asked me to develop a project status tracking > > application using Ruby on Rails which will enable various business > > partners to view the status of various projects that are currently in > > progress. > > > Each business partner will have projects which they can view the > > status. There will be projects which some business partners cannot > > view the status. > > > Would someone please direct me to a plug-in or tutorial or book which > > will enable me to setup this scenario in Ruby on Rails. > > > I suppose what I''m really looking for is a facility to not only > > perform Authentication (i.e., registration, login, logout, etc.) but > > also Access Control to projects in this case (e.g., User A can view > > Projects A, B & C, but not Projects D, E & F, in fact, User A doesn''t > > even know that Projects D, E & F exist). > > > I hope someone can provide direction. > > > Thanks in advance. > > > Kind Regards > > > Walter--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Or sign up for a corporate Basecamp account, spend some time setting up the users and project data, then spend the summer working on all those projects. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Rey9999, Wildtangent & Cynthia. Thank you for your responses. You''ve given me a lot of information to review and consider. Thanks. Walter On May 22, 8:27 am, Walter Lockhart <walterlockh...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hi Forum, > > I hope someone can help me. > > I have a client who has asked me to develop a project status tracking > application using Ruby on Rails which will enable various business > partners to view the status of various projects that are currently in > progress. > > Each business partner will have projects which they can view the > status. There will be projects which some business partners cannot > view the status. > > Would someone please direct me to a plug-in or tutorial or book which > will enable me to setup this scenario in Ruby on Rails. > > I suppose what I''m really looking for is a facility to not only > perform Authentication (i.e., registration, login, logout, etc.) but > also Access Control to projects in this case (e.g., User A can view > Projects A, B & C, but not Projects D, E & F, in fact, User A doesn''t > even know that Projects D, E & F exist). > > I hope someone can provide direction. > > Thanks in advance. > > Kind Regards > > Walter--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---