Restful_ACL db structure


#1

Hi All,
I am going to use restful_acl in my application on every record
in
simple words i want to implement record based acl. I explored
restful_acl
and I applied it too, but so for I am not successful in doing so.
I have question regarding restful_acl
Does this plugin (now gem) needs any backend (database) configurations?
if
yes then what kind of database structure? I just need a table structure

Thanks,

Shahroon


#2

On Jun 9, 9:09 am, shahroon ali removed_email_address@domain.invalid wrote:

Shahroon
RESTful_ACL doesn’t require any database setup. It’s only requirement
is the existence of a @current_user variable, normally set by
something like restful_authentication.


#3

Thanks Darby,
So you mean I dont need a single field in my db structure…but its
confusing how this plugin is managing some complex kind of acl like I
want
to restrict some people from accessing a particular record, deleting a
record and updating a record…let say I have scenario
Model(Lead)---->Record(Xdocs)
(there is a polymorphic association between these two)
(Xdocs)

Read rights = admin,user 1,user 2,user 3 …etc
Write rights = admin,user 1,user 2,user 3 …etc
Update rights =admin, author
Delete rights = admin,author

how your plugin is managing all these things? without any database
interaction? And I am using restful_authentication …so I have that
@current_user as well…

Thanks,

Shahroon


#4

RESTful_ACL restricts actions based on the five methods you define in
your model:
class Issue < ActiveRecord::Base
logical_parent :some_model_name

# This method checks permissions for the :index action
def self.is_indexable_by(user, parent = nil)

end

# This method checks permissions for the :create and :new action
def self.is_creatable_by(user, parent = nil)

end

# This method checks permissions for the :show action
def is_readable_by(user, parent = nil)

end

# This method checks permissions for the :update and :edit action
def is_updatable_by(user, parent = nil)

end

# This method checks permissions for the :destroy action
def is_deletable_by(user, parent = nil)

end

end

This is all in the readme on github, BTW…