Forum: Rails Engines simple ACL's

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Vincent AE Scott (Guest)
on 2006-01-31 04:04
(Received via mailing list)
Hello all,

I've been using LoginEngine and UserEngine in an app I'm developing and
I've reached a stage where I'd like to be able to provide more granular
filtering possibilities.  At the moment I'm not quite sure how to go
about the actual filtering of results from .find*,  but that can wait
until later on.  What I want to get started on is providing Groups which
can be assigned a Permission.  These Groups are functionally similar to
the Roles in UE, with the difference that any user can create their own
set of groups ( assigning users and permissions etc ).  The Permissions
are also similar to those in UE, except they aren't tied to a
particular controller/action.

I'm wondering what the best way might be to achieve this, i see a couple
of options:

1) create a new engine and base it off UserEngine but changed to suit my
needs.

2) write some classes/modules to fit in between LoginEngine and
UserEngine, that UE can then be layered on top of while also providing
the framework to accomplish my ACL goals.

3) override UserEngine and add on the extra bits necessary.

As I'm a noob when it comes to ruby/rails, option 1 seems like the
easiest option to start with, but 2 seems like the better longer term
solution.

Apologies for not elaborating further, it's late here and i just wanted
to bang this out before turning in.  If anyone's got any suggestions or
questions, fire away :)

Oh, and second appolgies if this should have gone to the Dev list.

-vince

--

 Those who do not remember the past are condemned to repeat it
 -- George Santayana
Nshbrown N. (Guest)
on 2006-01-31 08:26
(Received via mailing list)
I would recommend taking the UserEngine and using that as a foundation
and
customizing it to suit your needs.

A lot of people are interested in this granularity, so having a new
project
which potentially offers that to the community would be great. And I
imagine
after doing that much customization, putting a layer between the login
and
user engines might be more work than its actually worth long term. From
a
implementers perspective, they would have to install a third engine in
order
to get the functionality.

If any new features were introduced into the user or login engine you
would
have to rewrite the integration, and to be honest they are geared to be
a
starting point.

James and I have discussed introducing versioning and dependencies into
the
engine schema, but until that is ironed out, and a beta is ready having
the
any such core dependencies on engines is going to get a bit messy.
Especially with the user engine already depending on the login engine.
To
add the third tier to that, it seems like overkill.

-Nb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Nathaniel S. H. Brown                           http://nshb.net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This topic is locked and can not be replied to.