Only allowing areas of site to users using authentication


#1

I have a site in development where I only want specific users to access
specific items that uses belongs_to and has_many.

Say we have this kind of structure.

Person <belongs_to + has_many> Items

When person logged in they only have access to items that belongs to
him/her.

I’m using auth_generator but only seem to put an auth inside controllers
and dont know how to go any futher.

Any help would be great.


#2

To further ellaborate…

This is my table structure

Client (has many domains)
Domain (belongs to client and has many reports)
Report (belongs to domain)

Currently when I select client in the frontend it shows me what domains
belong to that client. I want to set up that when a client logs in it
shows the domains/reports that belong to them.

Thanks


#3

Hi, Guest,

I think your problem isn’t solely about authentication. IMHO you simply
need
the following steps:

#1: Check if there is a user authenticated => if not display the login
page
or a guest page or whatever
#2: Read the session to get the user who is authenticated => don’t know
how
to do this with auth_generator but probably it’s something like
session[:user]
#3: use the relation from the read out user with something like:
session[:user].items
#4: Display the resulting items

Best Regards
Jan P.