i am trying to create a system so that different users have different
priviliges on my application. i was going to modify my authorize
function so that i could pass the required role to it and have it check
the current user for that role.
i am using before_filter and would like to have just one function
instead of writing one for each role like so:
authorize(role)
instead of:
authorize_customer
and
authorise_csr
but i don’t know what i need to do so that i can do something like:
before_filter :authorize(‘Admin’)
one more thing i was thinking about too was using dynamic function names
like rails does ~~> User.find_by_username(’*****’)
if i could have a before_filter :authorize_user and in another
controller have before_filter :authorize_admin and have them go to the
same function, that would work too, but i don’t know how to do that in
ruby yet.
Josh K. wrote:
instead of:
authorize_customer
and
authorise_csr
but i don’t know what i need to do so that i can do something like:
before_filter :authorize(‘Admin’)
Send in a thunk, of course:
before_filter { authorize(‘Admin’) }
–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)
“Yields falsehood when quined” yields falsehood when quined.
Josh K. wrote:
one more thing i was thinking about too was using dynamic function names
like rails does ~~> User.find_by_username(‘*****’)
if i could have a before_filter :authorize_user and in another
controller have before_filter :authorize_admin and have them go to the
same function, that would work too, but i don’t know how to do that in
ruby yet.
One way to do it would be to add the filter to the base controller
instead, and use the solution I wrote in the last mail.
–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)
“Yields falsehood when quined” yields falsehood when quined.
thanks for the help. i’m still having some problems though. when i try
the code that you gave, it only works when the method is in the current
controller. when i try it and my method is in application.rb, it says
that the method isn’t found.
Ola B. wrote:
Josh K. wrote:
instead of:
authorize_customer
and
authorise_csr
but i don’t know what i need to do so that i can do something like:
before_filter :authorize(‘Admin’)
Send in a thunk, of course:
before_filter { authorize(‘Admin’) }
–
Ola B. (http://ola-bini.blogspot.com)
JvYAML, RbYAML, JRuby and Jatha contributor
System Developer, Karolinska Institutet (http://www.ki.se)
OLogix Consulting (http://www.ologix.com)
“Yields falsehood when quined” yields falsehood when quined.