Forum: Rails Engines login-engine restrict by role?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ryan T. (Guest)
on 2006-02-13 03:09
(Received via mailing list)
OK, I haven't been able to figure out the answer to this reading over
the login-engine docs.

I've got login-engine set up on a rails app of mine that is a
rudimentary bug tracker. Great.

Trouble is, any schmoe who hits my site can sign up for an account in
a few seconds, and I don't want just any schmoe to be able to see my
bug database. I only want people I explicitly authorize to be able to
see the bug database.

So -- how do I make it so that a registered user has to have a
particular "role" (I saw this column in the schema) to be able to
access certain pages?
Ryan T. (Guest)
on 2006-02-13 06:17
(Received via mailing list)
On 2/12/06, Ryan T. <removed_email_address@domain.invalid> wrote:
> So -- how do I make it so that a registered user has to have a
> particular "role" (I saw this column in the schema) to be able to
> access certain pages?

It looks like what I want is to override def authorize, although I'm
not quite sure yet where to put my own version of authorize.

And it looks like I may want to install user-engine to get the
scaffolding I want to setup Roles.
James A. (Guest)
on 2006-02-13 11:55
(Received via mailing list)
The 'role' column in the schema is vestigial, and was present in the
SHLG upon which the login engine is heavily, heavily based. It will be
snipped out in the next version.

On 2/13/06, Ryan T. <removed_email_address@domain.invalid> wrote:
> _______________________________________________
> engine-users mailing list
> removed_email_address@domain.invalid
> http://lists.rails-engines.org/listinfo.cgi/engine...
>


--
* J *
  ~
Greg F. (Guest)
on 2006-02-13 17:53
(Received via mailing list)
I had what I think is a similar issue.  Search the archives for my
name and login engine.

On 2/12/06, Ryan T. <removed_email_address@domain.invalid> wrote:
>
> So -- how do I make it so that a registered user has to have a
> particular "role" (I saw this column in the schema) to be able to
> access certain pages?
> _______________________________________________
> engine-users mailing list
> removed_email_address@domain.invalid
> http://lists.rails-engines.org/listinfo.cgi/engine...
>


--
Greg F.
The Norcross Group
Forensics for the 21st Century
Ryan T. (Guest)
on 2006-02-14 00:38
(Received via mailing list)
On 2/12/06, Ryan T. <removed_email_address@domain.invalid> wrote:
> And it looks like I may want to install user-engine to get the
> scaffolding I want to setup Roles.


This did it. It had everything I needed. I just don't give the base
User role any powers by default (beside changing his own name and
password), and give people who should have access a certain role
manually.

Kind of a pain to install on top of login-engine, however. It didn't
want to make my one existing user (me) admin, despite following the
instructions on config options, so I stopped trying to make that work
and re-bootstrapped so it made the default  "admin" login (with a
default password) , signed in as "admin," promoted myself to
administrator, then deleted the "admin" account.
James A. (Guest)
on 2006-02-14 00:42
(Received via mailing list)
Feel free to supply a patch which will 'promote' an existing user....

- james

On 2/13/06, Ryan T. <removed_email_address@domain.invalid> wrote:
> Kind of a pain to install on top of login-engine, however. It didn't
> want to make my one existing user (me) admin, despite following the
> instructions on config options, so I stopped trying to make that work
> and re-bootstrapped so it made the default  "admin" login (with a
> default password) , signed in as "admin," promoted myself to
> administrator, then deleted the "admin" account.
> _______________________________________________
> engine-users mailing list
> removed_email_address@domain.invalid
> http://lists.rails-engines.org/listinfo.cgi/engine...
>


--
* J *
  ~
This topic is locked and can not be replied to.