As I understand you are talking about permissions, user permissions.
It seams logic to me to have a UserPremission model to deal with it.
It could have a list of action it is permit to perform and a way to
check public actions.
You can look at http://redmine.org solution of this issue in their
application source.
You can learn a lot from the others.
On Sep 27, 5:02 pm, ms <m...-cGBD8117FJM@public.gmane.org>
wrote:> Hi,
>
> this is my first post, so hello folks! :) I am thinking about a rights
> management for my ruby on rails application. As usual, there will be
> roles, groups, allowed actions, etc. At the moment, I try to imagine,
> how this thing should work in detail. If there''s an action named
> "create comment" for example, i could do following (some
pseudo-code):
>
> 1) if RightsController.checkAction(CREATE_COMMENT) then (...)
> 2) if RightController.checkAction() then (...)
>
> Whereby the method in example no. 2 looks in the stack to find out the
> calling method and the appropriate class to check whether the action
> is allowed.
>
> Maybe I can connect this to some before filter, I am relatively new to
> ror, so I don''t know exactly, if that''s possible.
>
> Besides this internal check, I plan to mask out all gui elements which
> could cause actions not allowed. So it''s for double-checking.
>
> I look forward to your comments and suggestions about this topic.
>
> Thank you alot!
> ms
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---