Forum: Ruby Users, Groups, Pages and Permissions

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Shilo A. (Guest)
on 2009-03-05 16:02
Hi - what I'm trying to accomplish is to enable different levels of
access to users in my application. The models are here:

Basically, the permission model holds the group_id, page_id and
read/write permission as boolean. If a certain user from some group is
trying to access a page, he can do it if his group_id has can_read =
true for the specific page_id. He can then edit the page if he has
can_edit = true.

This got a little (very) complex to manage since I need to add and deny
permissions for every group on every page, and also need to use a
before_filter or some sort of <% if current_user.can_read(page_id) %> at
the beginning of each action.

I'm looking for suggestions on how to simplify this system while still
retaining it's original functionality (ie - allow or deny user's access
to pages based on the group he belongs to). The less code in the
controller - the better :)

This topic is locked and can not be replied to.