Displaying 20 results from an estimated 10000 matches similar to: "restrict specific model columns per user"
2006 May 17
1
Experiences with ModelSecurity
Hiall,
I would be very interested in your opinions on the ModelSecurity
plugin by Bruce Perens.
http://perens.com/FreeSoftware/ModelSecurity/Tutorial.html
Some time ago, I read on a few pages that it is the way to go, on this
list however, I didn''t read much about it. Apart from it''s security
level,
quoted from comments in source code:
# FIX: At the moment we only support
2006 Feb 14
4
Fine grained access control
Hi,
I''m building an application which is going to require quite fine grained
access control. Deciding if a user is allowed to access an action will
probably require checking quite number of different rules, so a simple
role-based system won''t be flexible enough.
The approach I think I will try first is, if it''s possible, to ignore
permission issues inside the
2006 Jan 16
2
LoginEngine vs. LoginGenerator?
I just saw a mention here of LoginEngine, which I hadn''t heard of
before. Last week when I was digging for user-account sample code for
my web-app, I instead found the LoginGenerator and started using that:
http://wiki.rubyonrails.com/rails/pages/LoginGenerator
Is one of these preferred over the other? From skimming the API docs,
it does seem that LoginEngine has more features,
2006 Mar 02
3
Modifying "Find" to always add a condition?
I''d like to always add a condition to any version of "find" (e.g.
Thing.find(), Thing.find_by_name(), Thing.find_by_whatever) so that in
addition to whatever conditions are set, an additional condition is set
:conditions=>"user_id=#{current_user.id}"
I''d like to make sure that a user only sees/edits/creates entries in the
database that have the user_id
2006 Apr 28
4
Call for patterns...
Hi group,
I was wondering if anyone more experienced could help me to find a good
pattern for two things:
1. How to group controllers. Example:
We have an admin panel with:
user_managment_controller.rb
priv_managment_controller.rb
widget_controller.rb
User panel with:
mystuff_controller.rb
mytags_controller.rb
profile_controller.rb
And frontend with:
widget_controller.rb
etc...
How do I group
2006 Jan 12
9
Scaffold shows all attributes altough I use attr_accessible!
Hi all
I have a Model like this:
class Member < ActiveRecord::Base
attr_accessible :username, :email, :first_name, :last_name
end
I have created a scaffold using script/generate scaffold member members
Using the URL localhost:3000/members/edit/1 I can edit all attributes,
including created_at, lock_version etc.! But it should only show the
attributes I listed in attr_accessible!
What
2006 Apr 04
4
Membership Management System Plugin/Gem?
Hi, I''m looking to create an online internet community for managing
user profiles and other data. Thus, I would need that has the
following features:
o authentication
- protect individual member pages/directories
o session management
o retrieve and reset passwords
In short, I''m looking to create an online community. Thus, can
someone direct me to a plugin(s) for
2006 Mar 04
0
ModelSecurity for Rails by Bruce Perens
Modelsecurity aims to provide access control within the data model so
that it becomes easy & efficient to specify read or write access to
individual fields.
It has one of those "why didn''t I think of that?" designs which make a
lot of sense.
Has anyone else tried using the latest release of ModelSecurity? What
has been your experience?
Home
2008 Sep 12
3
Help: A copy of ModelSecurity has been removed from the module tree but is still active!
Hi all, I''m posting this in the hope that someone who understands
rails dependencies can shed some light.
I''ve implemented a "ModelSecurity" module in the vein of Bruce Peren''s
old ModelSecurity plugin (http://rubyforge.org/projects/model-
security/).
My ModelSecurity module lives in $RAILS_ROOT/lib. It is automatically
included into ActiveRecord::Base by a
2006 Jan 23
5
can''t install model_security_generator
I''m trying to install Bruce Perens'' ModelSecurity gem, but it keeps asking me if I want to
install rails too (I have already installed rails). It exits if I say no and crashes if I
say yes:
C:\>"c:\ruby\bin\ruby.exe" "c:\ruby\bin\gem" install model_security_generator
Attempting local installation of ''model_security_generator''
Local gem
2006 Apr 14
2
Rails AWS authentication????
I want to setup an api for my web app, but i had a few question on the best
way to do this. I was hoping for some input from you experienced
individuals and rails rock stars.
1) Is there a way to implement a login in feature so that api methods cant
be called without proper authorization? This is so i can log activity and
use of the api from different people and so
-------------- next part
2002 Apr 03
2
Raw EXT3 block format
Hello Guys,
I am looking to extend/create a file system that span networks/device of any
kind, shape and manner :) Check out http://www.insync.za.net/openufs/ (also
on http://openufs.sourceforge.net - but Iam not here to adv. the site !)
I would like to know, where can I find what EXT3 will write to the disk, how
it works etc.
Surely EXT3 will write something like this :
Block 0 - (1024 bytes)
2009 Aug 17
2
Accessing to ekiga.net through Asterisk
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all!
I'm trying to connect to ekiga.net through a client connected to my
Asterisk server. For it I am being based on this [1] document. Next I
put the configurations that I am using.
/etc/asterisk/sip.conf:
; Outgoing to ekiga.net
[ekiga]
type=friend
username=MyUser
secret=MyPass
host=ekiga.net
canreinvite=no
qualify=300
nat = yes
stunaddr =
2002 Aug 28
2
AIX 4.3.3. e rsync 2.5.5
Hi,
At Rs6000/AIX-4.3.3 the rsync-2.5.5 works ok when make local
connections or I use -e rsh or -e ssh for remote connections, like:
(OK) ./rsync -vacz . /user
(OK) ./rsync -vacz -e rsh . user@10.4.2.199:user
(OK) ./rsync -vacz -e ssh . user@10.4.2.199:user
but with standart remote rsync without -e
(NOK) ./rsync -vacz . user@10.4.2.199::user
returns:
rsync: failed to connect to 10.4.2.199:
2006 May 10
13
Issue in ActiveRecord generated reader methods
Hi all!
I have come into a strange issue in Rails that I am hoping someone
can shed some light.
To make a very long story short, I have been researching how to
override ActiveRecord::Base#read_attribute and write_attribute to
perform security checks at the model level (influenced by the
ModelSecurity generator). Shortly after implementing some code to
check this behavior, I began to
2006 Nov 25
1
Great work on wxRuby2
I''m impressed by the latest release of wxRuby2! Thanks to all the developers
who worked on making this possible. It''s great to have wxWidgets working
with Ruby - and the new sample programs are a tremendous help.
There is a 700+ page book on wxWidgets - Cross-Platform GUI Programming with
2015 May 04
5
Bug#776094: dovecot-imapd: corrupts mailbox after trying to retrieve it (fwd)
Am 04.05.2015 um 21:04 schrieb Santiago Vila:
> Greetings.
>
> Thanks to Jelmer Vernooij, who has just uploaded version 2.2.16 for
> Debian unstable, I can confirm that this bug may still be reproduced
> in version 2.2.16, so it has *not* been fixed yet.
>
> Several months ago I was told "I can't reproduce it in dovecot hg", or
> something like that. Well,
2013 Jul 02
3
[PATCH RFC] xen-netback: remove guest RX path dependence on MAX_SKB_FRAGS
This dependence is undesirable and logically incorrect.
It''s undesirable because Xen network protocol should not depend on a
OS-specific constant.
It''s incorrect because the ring slots required doesn''t correspond to the
number of frags a SKB has (consider compound page frags).
This patch removes this dependence by correctly counting the ring slots
required.
2015 May 04
4
imapc fetch optimization
Hi,
On 05/04/15 10:59, Timo Sirainen wrote:
> On 28 Apr 2015, at 23:49, Nagy, Attila <bra at fsn.hu> wrote:
>> Hi,
>>
>> imapc does a lot of UID FETCH $UID (BODY.PEEK[]), which is nice, because it works even with the dumbest IMAP server, altough it really kills performance, especially on high latency lines.
>>
>> I wonder: if IMAP servers can effectively
2015 May 06
2
Bug#776094: dovecot-imapd: corrupts mailbox after trying to retrieve it (fwd)
On 05/05/2015 05:26 PM, Santiago Vila wrote:
> I have just verified with IMAP commands. This is the procedure:
>
> telnet localhost 143
>
> and then type this:
>
> A0001 CAPABILITY
> A0002 LOGIN "bluser" "bluser"
> A0003 SELECT "inbox-b"
> A0004 EXPUNGE
> A0005 FETCH 1:12 RFC822.SIZE
> A0006 FETCH 1 RFC822.HEADER
> A0007 FETCH