Login-engine restrict by role?


#1

OK, I haven’t been able to figure out the answer to this reading over
the login-engine docs.

I’ve got login-engine set up on a rails app of mine that is a
rudimentary bug tracker. Great.

Trouble is, any schmoe who hits my site can sign up for an account in
a few seconds, and I don’t want just any schmoe to be able to see my
bug database. I only want people I explicitly authorize to be able to
see the bug database.

So – how do I make it so that a registered user has to have a
particular “role” (I saw this column in the schema) to be able to
access certain pages?


#2

On 2/12/06, Ryan T. removed_email_address@domain.invalid wrote:

So – how do I make it so that a registered user has to have a
particular “role” (I saw this column in the schema) to be able to
access certain pages?

It looks like what I want is to override def authorize, although I’m
not quite sure yet where to put my own version of authorize.

And it looks like I may want to install user-engine to get the
scaffolding I want to setup Roles.


#3

The ‘role’ column in the schema is vestigial, and was present in the
SHLG upon which the login engine is heavily, heavily based. It will be
snipped out in the next version.

On 2/13/06, Ryan T. removed_email_address@domain.invalid wrote:


engine-users mailing list
removed_email_address@domain.invalid
http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org

  • J *
    ~

#4

I had what I think is a similar issue. Search the archives for my
name and login engine.

On 2/12/06, Ryan T. removed_email_address@domain.invalid wrote:

So – how do I make it so that a registered user has to have a
particular “role” (I saw this column in the schema) to be able to
access certain pages?


engine-users mailing list
removed_email_address@domain.invalid
http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org


Greg F.
The Norcross Group
Forensics for the 21st Century


#5

On 2/12/06, Ryan T. removed_email_address@domain.invalid wrote:

And it looks like I may want to install user-engine to get the
scaffolding I want to setup Roles.

This did it. It had everything I needed. I just don’t give the base
User role any powers by default (beside changing his own name and
password), and give people who should have access a certain role
manually.

Kind of a pain to install on top of login-engine, however. It didn’t
want to make my one existing user (me) admin, despite following the
instructions on config options, so I stopped trying to make that work
and re-bootstrapped so it made the default “admin” login (with a
default password) , signed in as “admin,” promoted myself to
administrator, then deleted the “admin” account.


#6

Feel free to supply a patch which will ‘promote’ an existing user…

  • james

On 2/13/06, Ryan T. removed_email_address@domain.invalid wrote:

Kind of a pain to install on top of login-engine, however. It didn’t
want to make my one existing user (me) admin, despite following the
instructions on config options, so I stopped trying to make that work
and re-bootstrapped so it made the default “admin” login (with a
default password) , signed in as “admin,” promoted myself to
administrator, then deleted the “admin” account.


engine-users mailing list
removed_email_address@domain.invalid
http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org

  • J *
    ~