Forum: Ruby Users, Groups, Pages and Permissions

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
006a4831843b48f6102d5d3cf92ae283?d=identicon&s=25 Shilo Ayalon (gte351s)
on 2009-03-05 15:02
Hi - what I'm trying to accomplish is to enable different levels of
access to users in my application. The models are here:
http://pastie.org/408263

Basically, the permission model holds the group_id, page_id and
read/write permission as boolean. If a certain user from some group is
trying to access a page, he can do it if his group_id has can_read =
true for the specific page_id. He can then edit the page if he has
can_edit = true.

This got a little (very) complex to manage since I need to add and deny
permissions for every group on every page, and also need to use a
before_filter or some sort of <% if current_user.can_read(page_id) %> at
the beginning of each action.

I'm looking for suggestions on how to simplify this system while still
retaining it's original functionality (ie - allow or deny user's access
to pages based on the group he belongs to). The less code in the
controller - the better :)

thanks.
This topic is locked and can not be replied to.