Forum: Ruby on Rails Scaffolding - disabling Create, Edit, Destroy for some user

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
55f28e9c77b35b1539af6be60986b0e4?d=identicon&s=25 Philip Rhoades (Guest)
on 2006-01-10 00:50
(Received via mailing list)
People,

I am using:

  before_filter :login_required

in my Controllers and this works fine.  For some tables I am happy to
use the output of eg:

  ruby script/generate scaffold Author

but is there some way that I can disable Create, Edit, Destroy for some
user logins in the corresponding view?

Thanks,

Phil.
--
Philip Rhoades

Pricom Pty Limited  (ACN 003 252 275  ABN 91 003 252 275)
GPO Box 3411
Sydney NSW      2001
Australia
Mobile:  +61:(0)411-185-652
Fax:     +61:(0)2-8221-9599
E-mail:  phil@pricom.com.au
3dd4b52a0946bd698b1d1635a46ea3a3?d=identicon&s=25 Francois Beausoleil (Guest)
on 2006-01-10 01:32
(Received via mailing list)
Hello Philip !

2006/1/9, Philip Rhoades <phil@pricom.com.au>:
> but is there some way that I can disable Create, Edit, Destroy for some
> user logins in the corresponding view?

Yes, just use link_to_if instead of link_to in the views:

<%= link_to_if current_user.login == 'admin', 'Create', :action =>
'create' %>

Of course, any condition is possible.

Hope that helps !
55f28e9c77b35b1539af6be60986b0e4?d=identicon&s=25 Philip Rhoades (Guest)
on 2006-01-10 02:17
(Received via mailing list)
Francois,


On Mon, 2006-01-09 at 19:29 -0500, Francois Beausoleil wrote:
> Of course, any condition is possible.
>
> Hope that helps !


For this particular case I tried with:

<%= link_to_if current_user.login == 'phil', 'Edit', :action => 'edit' %
>

but I got an error:

undefined local variable or method `current_user' for
#<#<Class:0xb7853e3c>:0xb7853d88>

I installed the login_generator gem - does that make a difference?

Thanks,

Phil.
--
Philip Rhoades

Pricom Pty Limited  (ACN 003 252 275  ABN 91 003 252 275)
GPO Box 3411
Sydney NSW      2001
Australia
Mobile:  +61:(0)411-185-652
Fax:     +61:(0)2-8221-9599
E-mail:  phil@pricom.com.au
C8a634a01a2c4508360874bff7fb1a7f?d=identicon&s=25 Kevin Olbrich (olbrich)
on 2006-01-10 02:19
Francois Beausoleil wrote:
> Hello Philip !
>
> 2006/1/9, Philip Rhoades <phil@pricom.com.au>:
>> but is there some way that I can disable Create, Edit, Destroy for some
>> user logins in the corresponding view?
>
> Yes, just use link_to_if instead of link_to in the views:
>
> <%= link_to_if current_user.login == 'admin', 'Create', :action =>
> 'create' %>
>
> Of course, any condition is possible.
>
> Hope that helps !

That doesn't disable the action, it just makes it inconvenient to use.

The simple way to disable it for a given user would be to create another
before filter.  Have it check to see if the user has access to that
action based on some criteria.  If they don't, redirect to a safe
action.

_Kevin
This topic is locked and can not be replied to.