Forum: Ruby on Rails Coding conventions (mostly AR)

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ddffdd431166f9abb724004bdbe56f8c?d=identicon&s=25 Lucifron (Guest)
on 2006-03-02 12:23
(Received via mailing list)
I have the following tables: Users, Clients, Roles, Assignments(user_id,
role_id, client_id) and Rights(controller, action).

First of all, I'd like to know if hooking things up this way makes any
sense. Could perhaps add a second join table between assignments and
roles,
but not sure that would add any value.

What i'm really wondering about, though - is how to do things the
'right'
way.

My session contains :user_id and :client _id. I've alread loaded the
user
into @user, with an auth filter, and am now writing the filter 'allow?'
to
do role based authorization on the controller/action tier.

Second step is loading the client, just to make sure it exists and so
on.

Next i'd like to ask my user if it's authorized to access this
controller/action, i.e. @user.authorized?(@client, controller_name,
action_name).

I should be using the actual client instance here, I assume, not just
the
id?

Now.. How should i iterate through all Rights for a given User--Client
relationship? Could do it easily with Rights.find_by_sql(...), but don't
think that's appropriate..?

What if i only wanted the Roles?

Will be reading 'agile web development' as soon as it drops into my
mailbox,
but a head start would be nice. Any feedback appreciated.

--
View this message in context:
http://www.nabble.com/Coding-conventions-%28mostly...
Sent from the RubyOnRails Users forum at Nabble.com.
Ddffdd431166f9abb724004bdbe56f8c?d=identicon&s=25 Lucifron (Guest)
on 2006-03-02 13:11
(Received via mailing list)
Hmm.. Bad subject here, figure it should have read 'AR usage' or
similar.
Please bear with me.

--
View this message in context:
http://www.nabble.com/Coding-conventions-%28mostly...
Sent from the RubyOnRails Users forum at Nabble.com.
This topic is locked and can not be replied to.