Hi,
I have a model which has objects which should have always their own
password.
If I want to edit object1 I will need password a.
If I want to edit object2 I will need password b.
What is the best way to implement this? I am not sure whether I can
accomplish this with the traditional authorisation methods.
Thanks for your help!
Adrian D wrote:
Hi,
I have a model which has objects which should have always their own
password.If I want to edit object1 I will need password a.
If I want to edit object2 I will need password b.What is the best way to implement this? I am not sure whether I can
accomplish this with the traditional authorisation methods.Thanks for your help!
Best approach would be to add a password field to your model and take a
password whenever an object is created, verify password when it is
edited.
Adrian D wrote:
Hi,
I have a model which has objects which should have always their own
password.If I want to edit object1 I will need password a.
If I want to edit object2 I will need password b.What is the best way to implement this? I am not sure whether I can
accomplish this with the traditional authorisation methods.
Unless this is an isolated case, where you could hack something
together, it sounds to me like you need support for Access Control Lists
(ACL). Personally, I would not want to have each model aware of
authorizations for itself. Authorization normally happens at a more
abstract level.
I have not yet had the need for full ACLs in any of my Rails projects. I
am aware there are some ACL plugins/gems available. Since I haven’t used
them I don’t have any recommendations.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs