Forum: Rails Engines How to limit some HTML blocks for a certain role/permission?

Piotr Usewicz (lopmx)
on 2006-03-28 15:11
(Received via mailing list)
Hi

I have a small problem here. I have a few roles, e.g. Client User and
Client Manager. I would like to let both of them view a certain View,
but a normal Client User shall not see any blocks of HTML code like
payment lists etc. on a page. How can I achieve this?

Piotr
James Adam (Guest)
on 2006-03-28 16:06
(Received via mailing list)
You can use something like this in a view:

<% if current_user.roles.include?(Role.find_by_name("Client Manager")) %>
   <!-- your html here -->
<% end %>

Would that be ok? This presumes that you're using the User Engine...

- james

--
* J *
  ~
Piotr Usewicz (lopmx)
on 2006-03-28 16:30
(Received via mailing list)
James Adam wrote:
> You can use something like this in a view:
>
> <% if current_user.roles.include?(Role.find_by_name("Client Manager")) %>
>    <!-- your html here -->
> <% end %>
>
> Would that be ok? This presumes that you're using the User Engine...
>

Yeah, I have figured it out. But still, it won't work as expected.

My application shall grant access to 'our' users, and our client's
users.

So our users aren't assigned to Client roles, but instead like Helpdesk
Users or whatever.

Here, if a certain user (or admin) isn't assigned the Client Manager role,
they won't see the block as well... Which is not the way it should be.

Any solution? :)

Peter
Jonathan Bloch (Guest)
on 2006-03-29 04:54
Sure... a hack of sorts. Just make some permissions for "fake"
controllers & actions (that need not exist/do anything useful). Then
assign these permissions to the roles you want and use the authorized?
method. This gives arbitrarily fine-grained control:

<% if authorized?(:controller => 'htmlacesscheck', :action => 'thisbitofhtml') %>
    <!-- Private HTML -->
<% end %>


Piotr Usewicz wrote:
>> Yeah, I have figured it out. But still, it won't work as expected.
>
> My application shall grant access to 'our' users, and our client's
> users.
>
> So our users aren't assigned to Client roles, but instead like Helpdesk
> Users or whatever.
>
> Here, if a certain user (or admin) isn't assigned the Client Manager role,
> they won't see the block as well... Which is not the way it should be.
>
> Any solution? :)
>
> Peter
Piotr Usewicz (lopmx)
on 2006-03-29 09:36
(Received via mailing list)
Oh thanks. But it's nasty! ;]

Peter
James Adam (Guest)
on 2006-03-29 09:45
(Received via mailing list)
If a set of users all need to see the same chunk of HTML, they should
share the same role. Importantly, though, bear in mind that users can
have MANY roles. So define your roles in a sensible way which reflects
the fine granularity of what information they should/should not see,
and use the presence/absence of those fine-grained roles in your
conditional statements.

- james

--
* J *
  ~
Piotr Usewicz (lopmx)
on 2006-03-29 12:39
(Received via mailing list)
James Adam wrote:
> If a set of users all need to see the same chunk of HTML, they should
> share the same role. Importantly, though, bear in mind that users can
> have MANY roles. So define your roles in a sensible way which reflects
> the fine granularity of what information they should/should not see,
> and use the presence/absence of those fine-grained roles in your
> conditional statements.
>
> - james
>

Yes I know, but it would be somewhat difficult to administer all the
users (for example, we have about 20 internal users and 300+ external
ones). Setting many different roles for e.g. every variable of HTML code
chunks can be annoying. I am not sure, but maybe ActiveRBAC would let
this be less complicated.
James Adam (Guest)
on 2006-03-29 12:54
(Received via mailing list)
Perhaps roles are not the right metaphor for the kind of discriminant
functionality or display that you need. Good luck.

- james

--
* J *
  ~
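
The role discussion above, as an added example that is not part of any post in this thread and is not User Engine code: roles grant named permissions, one per protected page fragment, so internal and client roles can share a fragment without a role per HTML chunk. The `User` struct, role names, permission names and helper methods are all hypothetical.

```ruby
require 'set'

# Constructed stand-in for the engine's user model: one user, MANY role names.
User = Struct.new(:name, :roles)
class NotPermitted < StandardError; end

# Hypothetical mapping: each role grants named permissions, one per protected
# page fragment, so a new fragment needs a map entry, not a new role per user.
ROLE_PERMISSIONS = {
  'Client User'    => Set[:view_orders],
  'Client Manager' => Set[:view_orders, :view_payments],
  'Helpdesk User'  => Set[:view_orders, :view_payments]
}.freeze

# Union over all of the user's roles. Unknown roles grant nothing and a
# missing user gets the empty set, so the default is deny.
def permissions_for(user)
  return Set.new if user.nil?
  Array(user.roles).reduce(Set.new) do |acc, role|
    acc | ROLE_PERMISSIONS.fetch(role, Set.new)
  end
end

def can?(user, permission)
  permissions_for(user).include?(permission)
end

# View side: what the <% if ... %> around the HTML block would ask.
def payments_fragment(user)
  can?(user, :view_payments) ? '<ul id="payments">(payment list)</ul>' : ''
end

# Controller side: the same check guards the data itself, because hiding
# markup does not stop a direct request for the payments action.
def payments_data(user)
  raise NotPermitted, 'view_payments required' unless can?(user, :view_payments)
  [{ :invoice => 'constructed-001', :amount => 100 }]
end
```
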
Shane Iseminger (Guest)
on 2006-08-30 19:59
(Received via mailing list)
Hello all,

Has anyone tried to use the UserEngine alongside the upload progress
plugin? We have everything working correctly for both of those, but
we're finding that when a user is logged in, the ajax requests used
in the upload plugin get hung up. They never return anything, and I
have to kill off the fcgi processes it kicks up manually.

The strange thing is that if the user logs out, everything works fine.

I've tried changing the protect? method of the LoginEngine's
user_controller.rb so that ostensibly the controller handling those
ajax requests isn't protected, but that still doesn't seem to make
any difference.

Anyone else have this experience?


__________________________________

	Shane Iseminger
	Principal
	Ethos Media Creative Group
	shane@ethosmedia.com
	719.589.2800
Jay Levitt (Guest)
on 2006-08-31 00:28
(Received via mailing list)
On Wed, 30 Aug 2006 11:58:13 -0600, Shane Iseminger wrote:

> Has anyone tried to use the UserEngine alongside the upload progress
> plugin? We have everything working correctly for both of those, but
> we're finding that when a user is logged in, the ajax requests used
> in the upload plugin get hung up. They never return anything, and I
> have to kill off the fcgi processes it kicks up manually.

I had them both working in an app that no longer exists... sorry that
doesn't give you much detail, but at least you know they CAN work.  No
idea what's different about your situation.

Jay Levitt
Shane Iseminger (Guest)
on 2006-08-31 04:10
(Received via mailing list)
Thanks Jay,

After a lot of excruciating tracing and debugging, I deduced that
part of the upload progress plugin is loading the session, but the
Role model stored in it was undefined. So all it ended up requiring
is the line

	require 'roles.rb'

in multipart_progress.rb, right before it loads the session. By the
way, this problem shows itself in the logs as the following error,
which someone (I believe here) had tried to solve a while ago (I ran
across it in Google):

	"Exception during setup of read_multipart_with_progress: undefined class/module Role"

-- Shane


On Aug 30, 2006, at 4:27 PM, Jay Levitt wrote:

> No idea
> what's different about your situation.
>
> Jay Levitt

__________________________________

	Shane Iseminger
	Principal
	Ethos Media Creative Group
	shane@ethosmedia.com
	719.589.2800
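
The failure described in the post above, reproduced as an added example that is not part of the original post and is not code from the upload progress plugin or the engines. It assumes the session is deserialized with `Marshal`, whose error text matches the logged one; the `Role` class here is a constructed stand-in and the helper names are hypothetical.

```ruby
# Stands in for `require 'roles.rb'`: makes the Role constant resolvable.
def load_role_model
  return if Object.const_defined?(:Role)
  klass = Class.new do
    attr_reader :name
    def initialize(name)
      @name = name
    end
  end
  Object.const_set(:Role, klass)
end

# Simulates a code path (such as an upload-progress handler) that reads the
# session before the model file has been loaded.
def unload_role_model
  Object.send(:remove_const, :Role) if Object.const_defined?(:Role)
end

# Returns the deserialized session, or the error message if it cannot be read.
def read_session(blob)
  Marshal.load(blob)
rescue ArgumentError => e
  e.message
end

def demo
  load_role_model
  blob = Marshal.dump({ :user_roles => [Role.new('Client Manager')] })

  unload_role_model
  before = read_session(blob)   # fails: Role is not defined in this context

  load_role_model               # the fix from the post: load the model first
  after = read_session(blob)

  # Added alternative: a session holding only plain values (role names)
  # deserializes anywhere, with no model class loaded.
  names_only = Marshal.dump({ :role_names => ['Client Manager'] })
  unload_role_model
  portable = read_session(names_only)

  [before, after[:user_roles].first.name, portable]
end

p demo if __FILE__ == $0
```
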