[Rails] @user.is_the_administrator
Ezra Zygmuntowicz
ezra at yakimaherald.com
Fri Feb 24 02:28:45 GMT 2006
On Feb 23, 2006, at 6:06 PM, Craig White wrote:
> On Thu, 2006-02-23 at 16:34 -0800, Ezra Zygmuntowicz wrote:
>> On Feb 23, 2006, at 4:11 PM, Craig White wrote:
>>
>>> On Thu, 2006-02-23 at 15:19 -0800, Ezra Zygmuntowicz wrote:
>>>> Mischa-
>>>>
>>>>
>>>> You might want to look at my acl_system plugin. It handles role
>>>> permissions like you want in a more secure way.
>>>>
>>>>
>>>> http://brainspl.at/articles/2006/02/20/new-plugin-acl_system
>>>>
>>>>
>>>> Example:
>>>>
>>>>
>>>> class PostController < ApplicationController
>>>> before_filter :login_required, :except => [:list, :index]
>>>> access_control [:new, :create, :update, :edit] => '(admin |
>>>> user |
>>>> moderator)',
>>>> :delete => 'admin & (!moderator & !blacklist)'
>>>>
>>>>
>>> ----
>>> Looks like once again, you are solving a problem for me but I am
>>> wary that the implementation is going to change as this is early.
>>>
>>> I'm curious though...why the need to ! - can't the access_control
>>> simply
>>> default to !everyone unless specifically permitted?
>>>
>>
>> Yes you can leave off the !whatever. I just included that as an
>> example of the syntax flexibilty you have with the logicparser. And
>> the implementation might change but the api and interface will remain
>> the same. I like to leave backwards compatibility in my code if
>> possible.
>>
>> Also if you get in early, you can make suggestions and get changes
>> you would like into the code before it gets to old and set in its
>> ways ;). The thing I have plans for at this point have to do with
>> model access control and not controller. So you wold be relatively
>> safe using it now. Plus you can always keep the old version around if
>> you dont want to upgrade. It is working nicely right now.
> ----
> not that my opinion carries much weight around here but after the
> incredible solution offered by ez_where, I emphatically endorse
> anything
> you offer and you can be certain next week, when I get back to
> users/roles/rights, it will be act_as_authenticated/new_plugin_acl
> (needs a name)
>
> Craig
Thanks for the kind words Craig.
-Ezra
More information about the Rails
mailing list