Users, Groups, Pages and Permissions


#1

Hi - what I’m trying to accomplish is to enable different levels of
access to users in my application. The models are here:
http://pastie.org/408263

Basically, the permission model holds the group_id, page_id and
read/write permission as boolean. If a certain user from some group is
trying to access a page, he can do it if his group_id has can_read =
true for the specific page_id. He can then edit the page if he has
can_edit = true.

This got a little (very) complex to manage since I need to add and deny
permissions for every group on every page, and also need to use a
before_filter or some sort of <% if current_user.can_read(page_id) %> at
the beginning of each action.

I’m looking for suggestions on how to simplify this system while still
retaining it’s original functionality (ie - allow or deny user’s access
to pages based on the group he belongs to). The less code in the
controller - the better :slight_smile:

thanks.