Role based authorization question

I am using the the authorization recipe outlined in Rails Recipes.Is it
possible for one role, say ‘admin’, to have access to every action on
every
controller without explicitly having to create a Right for each?

I know this will not work as is, and to force it to do so would violate
MVC,
but is there some other way to accomplish having something like this in
a
controller:

loggedin=false;
if session[:user]
Applicant.find(session[:user]).roles.each{|r| loggedin=true if r.name==
“admin”}
end
skip_before_filter :check_authentication, :check_authorization if
loggedin

Thanks,
Howard

On 8/24/06, Howard R. [email protected] wrote:

Applicant.find(session[:user]).roles.each{|r| loggedin=true if
r.name==“admin”}
end
skip_before_filter :check_authentication, :check_authorization if loggedin

Thanks,
Howard

I store * as a wildcard for the action/controller columns, and query
for (rights.controller = controller_name OR rights.controller = ‘*’)
AND in my authorized() method.

Isak

On 8/24/06, Isak H. [email protected] wrote:

I store * as a wildcard for the action/controller columns, and query
for (rights.controller = controller_name OR rights.controller = ‘*’)
AND in my authorized() method.

Isak

Thanks Isak, It seemed so very obvious once I saw your suggestion. I
works
beautifully.

Thank You,
Howard