Moving Permission Logic to the Model

Ideally what I would like to have happen:
Contact.find (and .find_by_xyz, etc) will never return a contact
unless contact.group is IN
current_user.contact.group.supergroup.groups

Scenario:
User belongs to a Contact.
Contact belongs to a Group.
Group belongs to a SuperGroup.

Contact has permissions to access the directory listing of other users
of the same SuperGroup, but no one else.

There is never a case where Contact.find (or its derivatives

  • .find_by_xyz) is called unless a User, which has_one Contact is
    logged in.

What I want assistance with:
How can I put this constraint into the model?
There will never be an exception to this rule so I don’t want to use a
named scope unless that’s the only way. I want to override every
default find for this class, but I don’t know how.

2009/8/7 CoolAJ86 [email protected]:

Group belongs to a SuperGroup.
How can I put this constraint into the model?
There will never be an exception to this rule so I don’t want to use a
named scope unless that’s the only way. I want to override every
default find for this class, but I don’t know how.

How about default_scope?

Colin

That is exactly what I was looking for.

Thanks so much Colin.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs