I have a custom auth-system based on authlogic (based largely on reader extension). I have two roles: regular users and moderators. I also have two extra pages types, one is for moderators only, the other is for either. Whats would be recommended way to require certain user role to access a particular page type? Should I define a custom process() method for each page or is there a better way?
on 2010-10-16 21:09
on 2010-10-29 05:36
On Sat, Oct 16, 2010 at 3:08 PM, swartz <email@example.com> wrote: > I haven't tried this myself. You could create a custom process, you could perhaps create a rack session and use http://github.com/hassox/warden/wiki/Setup
on 2010-10-29 10:23
On 29 Oct 2010, at 04:35, Jim Gay wrote: >> better way? reader_group does something similar by overriding find_page and show_page in site_controller, but I looking at it now I probably should just have chained Page#find_by_url and defined some new exception types for the controller to catch. best, will
on 2010-11-01 22:53
What I've done so far is to use around_filter with process_page from SiteController. But I find that the login in this overwritten method is expensive as it has to run and hit the database for every page. Just seeing if there're better ways to do this.
on 2010-11-01 22:57
I'm toying with the idea of caching the permissions, that is load them all up and their permission from table into memory and keep them there. So it doesn't have to hit the database every time. The good thing is there're only 200 pages and not 2,000.