What is the best way of checking this?
I have 3 tables:
groups
users
group_members
class GroupMember < ActiveRecord::Base
belongs_to :group
belongs_to :user
validates_uniqueness_of :user_id, :scope => “group_id”
Then I want a method here that checks if a given user is a member of a
given group. What is the right way of doing that?
def is_member_of(user, group)
??
end
Regards,
Henrik
If a member can be in more than one group I would use a
has_and_belongs_to_many relationship. You create a table called
groups_users and in taht table you have primary keys set for user_id
and group_id you can also add other fields into that table for
permissions and anything else. Than you need to set foreign key
relationships (also indexes) that reference the respective id’s in
the other tables. The HABTM table does not have an id column in it.
If a user can only belong to one group I would get rid of the
group_members table. This is something that I used in PHP allot but
it is not needed on rails with the great relationship support. As far
as a check to see if a user is a member of a group It depends on what
you are looking to display? if it content specific to the group when
they access the page call a find that has the constraint of looking
for the group_id in the users table (foreign key relationship of has
one) or look in groups_users table to pull the users for that
particular group.
Andrew
Thanks for the fast reply :-).
An user can be an member of a lot of groups.
The GoupMember class i supposed to do a lot of things. I therefore
deliberately chose to use this class instead of HABTM (as recommended
it the Aguile book “When a join wants to be a model”, page 241). The
problem is that I just haven’t yet got the whole grasp of this magic
here in AR.
I have started with:
def is_member_of(user, group)
@user = User.find(:id,
:condition => [“uname = ?”, user])
@group = Group.find(:id,
:condition => [“name = ?”, group])
end
But I guess it is more clever ways of doing this in Rails. Beside I’m
not sure how to continue in this method.
as a check to see if a user is a member of a group It depends on what
belongs_to :user
Henrik
Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails
Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails
Henrik Ormåsen
–
SOS Rasisme er Norges eneste demokratiske medlemsorganisasjon som
konsentrerer seg om å arbeide mot rasisme og nazisme. Vi har over
40.000 individuelle medlemmer, 8.000 kollektive medlemmer og 90
lokallag. Vi er Europas største antirasistiske organisasjon.
Har du lyst til å bli medlem? Gå til: www.sos-rasisme.no/blimedlem
Har du lyst til å bli aktiv? Gå til: www.sos-rasisme.no/bliaktiv
PB 9427, Grønland -0135 OSLO
Besøk oss i Brugata 14, 0186 Oslo (Samme bygg som 7 Eleven)
telefon: 23 00 29 00
direkte: 23 00 29 06
faks: 23 00 29 01
mobil: 48 18 14 92
Hello Kevin!
Thanks for your advise. I have from before installed the old login
generator. I should probably upgrade to this one.
But I’m still little unhappy about my missing understanding of the
possibilities of this case. Even if the user|login_engine will solve
my problem here, I will eventually get the same problem later. I’m
working with a news publishing system where the grouping system will
be a very important thing.
But thanks anyway. I no body will help me with my silliness limiting
my ability here, I can try to read some open code and see if I can get
some out of it.
If you want to only permit user assigned to a particular role to be able
:conditions => [“visible_to = ?”, role_id]
Actually… you would need to set up the query to pick up items in any
of the user’s roles, since they can have more than one.That combination of controller/action access control and record level
control should cover most use cases._Kevin
Henrik Ormåsen
–
SOS Rasisme er Norges eneste demokratiske medlemsorganisasjon som
konsentrerer seg om å arbeide mot rasisme og nazisme. Vi har over
40.000 individuelle medlemmer, 8.000 kollektive medlemmer og 90
lokallag. Vi er Europas største antirasistiske organisasjon.
Har du lyst til å bli medlem? Gå til: www.sos-rasisme.no/blimedlem
Har du lyst til å bli aktiv? Gå til: www.sos-rasisme.no/bliaktiv
PB 9427, Grønland -0135 OSLO
Besøk oss i Brugata 14, 0186 Oslo (Samme bygg som 7 Eleven)
telefon: 23 00 29 00
direkte: 23 00 29 06
faks: 23 00 29 01
mobil: 48 18 14 92
Henrik,
if you want to keep the UserGroup model you first posted, how about
class User < AR:B
has_many :group_members
def member_of?(group)
group_members.include? group
end
end
class Group < AR:B
has_many :group_members
end
cheers
Gerret
Thanks everybody. I’ve converted to the user|login engine. It looks
really nice, and I guess its anyway a good thing to have this part
separated from rest of the app like this engine thing does. Nice to be
able to update it without a lot of work :-).
Also thanks to Gerret, small thing when you know it :-).
Henrik =?iso-8859-1?Q?Orm=E5sen?= wrote:
Then I want a method here that checks if a given user is a member of a
given group. What is the right way of doing that?
You can do a lot of this kind of stuff using ‘roles’ from the
‘user|login_engine’.
You can restrict access to specific controller/action pairs using that
system (which works nicely IMO).
If you want to only permit user assigned to a particular role to be able
to see an object, you would need some sort of association describing
which roles can see the object. In some cases you could make it as
simple as having a ‘visible_to’ column and populating that with the id
of the appropriate role.
Then you modify your find method to be something like…
@object = Object.find_all_by_visible_to(role_id)
or add a condition like…
:conditions => [“visible_to = ?”, role_id]
Actually… you would need to set up the query to pick up items in any
of the user’s roles, since they can have more than one.
That combination of controller/action access control and record level
control should cover most use cases.
_Kevin
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs