How to limit some HTML blocks for a certain role/permission?


#1

Hi

I have a small problem here. I have a few roles, e.g. Client User and
Client Manager. I would like to let both of them view a certain View,
but a normal Client User shall not see any blocks of HTML code like
payment lists etc. on a page. How can I achieve this?

Piotr


#2

You can use something like this in a view:

<% if current_user.roles.include?(Role.find_by_name("Client Manager")) %>

<% end %>

Would that be ok? This presumes that you’re using the User Engine…

  • james

On 3/28/06, Piotr U. removed_email_address@domain.invalid wrote:

engine-users mailing list
removed_email_address@domain.invalid
http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org


#3

James A. wrote:

You can use something like this in a view:

<% if current_user.roles.include?(Role.find_by_name("Client Manager")) %>

<% end %>

Would that be ok? This presumes that you’re using the User Engine…

Yeah, I have figured it out. But still, it won’t work as expected.

My application shall grant access to ‘our’ users, and our client’s
users.

So our users aren’t assigned to Client roles, but instead like Helpdesk
Users or whatever.

Here, if a certain user (or admin) isn’t assigned the Client Manager role,
they won’t see the block as well… Which is not the way it should be.

Any solution? :)

Peter


#4

Sure… a hack of sorts. Just make some permissions for “fake”
controllers & actions (that need not exist/do anything useful). Then
assign these permissions to the roles you want and use the authorized?
method. This gives arbitrarily fine-grained control:

<% if authorized?(:controller => 'htmlacesscheck', :action => 'thisbitofhtml') %>

<% end %>

Piotr U. wrote:

Yeah, I have figured it out. But still, it won’t work as expected.

My application shall grant access to ‘our’ users, and our client’s
users.

So our users aren’t assigned to Client roles, but instead like Helpdesk
Users or whatever.

Here, if a certain user (or admin) isn’t assigned the Client Manager role,
they won’t see the block as well… Which is not the way it should be.

Any solution? :)

Peter


#5

Jonathan Bloch wrote:

Oh thanks. But it’s nasty! ;]

Peter


#6

If a set of users all need to see the same chunk of HTML, they should
share the same role. Importantly, though, bear in mind that users can
have MANY roles. So define your roles in a sensible way which reflects
the fine granularity of what information they should/should not see,
and use the presence/absence of those fine-grained roles in your
conditional statements.

  • james

On 3/29/06, Piotr U. removed_email_address@domain.invalid wrote:

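The two checks suggested in #2 and #4, side by side, as an added example that is not part of the original posts and is not the User Engine's own code. `Role`, `User`, `has_role?`, `authorized?` and `render_for` are constructed stand-ins; the permission key reuses the names from #4.

```ruby
require 'erb'
require 'set'

# Constructed stand-ins for the User Engine's models (not its real classes).
Role = Struct.new(:name, :permissions) # permissions: Set of [controller, action]
User = Struct.new(:login, :roles) do
  # Check from post #2: is one specific role present?
  def has_role?(name)
    roles.any? { |r| r.name == name }
  end

  # Check from post #4: does any of the user's roles carry the permission?
  def authorized?(controller, action)
    roles.any? { |r| r.permissions.include?([controller, action]) }
  end
end

# The "fake" controller/action pair from post #4, used purely as a permission key.
PAYMENTS = %w[htmlacesscheck thisbitofhtml].freeze

ROLES = {
  'Client User'    => Role.new('Client User',    Set[]),
  'Client Manager' => Role.new('Client Manager', Set[PAYMENTS]),
  'Helpdesk User'  => Role.new('Helpdesk User',  Set[PAYMENTS])
}.freeze

TEMPLATE = ERB.new(<<~HTML, trim_mode: '-')
  <h1>Account</h1>
  <%- if user.authorized?(*PAYMENTS) -%>
  <ul id="payments">...</ul>
  <%- end -%>
HTML

# Render the page for a user; the payments block is emitted only if permitted.
def render_for(user)
  TEMPLATE.result_with_hash(user: user)
end

if __FILE__ == $PROGRAM_NAME
  ROLES.each_value do |role|
    shown = render_for(User.new('demo', [role])).include?('payments')
    puts "#{role.name}: payments block #{shown ? 'shown' : 'hidden'}"
  end
end
```

Hiding the block only removes it from the rendered page; any action that serves the payment data needs the same check on the server side.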

#7

Perhaps roles are not the right metaphor for the kind of discriminant
functionality or display that you need. Good luck.

  • james

On 3/29/06, Piotr U. removed_email_address@domain.invalid wrote:


#8

James A. wrote:

If a set of users all need to see the same chunk of HTML, they should
share the same role. Importantly, though, bear in mind that users can
have MANY roles. So define your roles in a sensible way which reflects
the fine granularity of what information they should/should not see,
and use the presence/absence of those fine-grained roles in your
conditional statements.

  • james

Yes I know, but it would be somewhat difficult to administer all the
users (for example, we have about 20 internal users and 300+ external
ones). Setting many different roles for e.g. every variable of HTML code
chunks can be annoying. I am not sure, but maybe ActiveRBAC would let
this be less complicated.


#9

Hello all,

Has anyone tried to use the UserEngine alongside the upload progress
plugin? We have everything working correctly for both of those, but
we’re finding that when a user is logged in, the ajax requests used
in the upload plugin get hung up. They never return anything, and I
have to kill off the fcgi processes it kicks up manually.

The strange thing is that if the user logs out, everything works fine.

I’ve tried changing the protect? method of the LoginEngine’s
user_controller.rb so that ostensibly the controller handling those
ajax requests isn’t protected, but that still doesn’t seem to make
any difference.

Anyone else have this experience?


Shane Iseminger
Principal
Ethos Media Creative Group
removed_email_address@domain.invalid
719.589.2800

#10

On Wed, 30 Aug 2006 11:58:13 -0600, Shane Iseminger wrote:

Has anyone tried to use the UserEngine alongside the upload progress
plugin? We have everything working correctly for both of those, but
we’re finding that when a user is logged in, the ajax requests used
in the upload plugin get hung up. They never return anything, and I
have to kill off the fcgi processes it kicks up manually.

I had them both working in an app that no longer exists… sorry that
doesn’t give you much detail, but at least you know they CAN work. No
idea what’s different about your situation.

Jay L.


#11

Thanks Jay,

After a lot of excruciating tracing and debugging, I deduced that
part of the upload progress plugin is loading the session, but the
Role model stored in it was undefined. So all it ended up requiring
is the line

require 'roles.rb'

in multipart_progress.rb, right before it loads the session. By the
way, this problem shows itself in the logs as the following error,
which someone (I believe here) had tried to solve a while ago (I ran
across it in Google):

"Exception during setup of read_multipart_with_progress: undefined class/module Role"

– Shane

On Aug 30, 2006, at 4:27 PM, Jay L. wrote:

No idea what’s different about your situation.

Jay L.




Shane Iseminger
Principal
Ethos Media Creative Group
removed_email_address@domain.invalid
719.589.2800
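The failure described in #11, reproduced in isolation as an added example that is not part of the original posts or of either plugin. It assumes the session store serialises the session with Ruby's `Marshal`; the `Role` class and all helper names are constructed. The last case goes beyond the thread and shows a session holding only role names, which loads without the model class.

```ruby
# Constructed model standing in for the Role class defined in roles.rb.
class Role
  attr_reader :name

  def initialize(name)
    @name = name
  end
end

# Session write: the whole session hash is serialised (assumed: Marshal).
def dump_session(session)
  Marshal.dump(session)
end

# Session read: Marshal can only rebuild objects whose class is already
# defined in the reading process. Returns the session, or the error text.
def load_session(bytes)
  Marshal.load(bytes)
rescue ArgumentError => e
  e.message
end

# Simulate code that reads the session before roles.rb has been required.
def without_role_class
  saved = Object.send(:remove_const, :Role)
  yield
ensure
  Object.const_set(:Role, saved)
end

if __FILE__ == $PROGRAM_NAME
  with_objects = dump_session(roles: [Role.new('Client Manager')])
  with_names   = dump_session(role_names: ['Client Manager'])

  puts without_role_class { load_session(with_objects) }        # error text
  puts load_session(with_objects)[:roles].first.name            # class loaded: works
  puts without_role_class { load_session(with_names) }.inspect  # plain data: works
end
```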