[Rails] @user.is_the_administrator

James Adam james.adam at gmail.com
Sat Feb 25 02:34:15 GMT 2006 

Just in terms of your implementation, it's a pretty bad idea to tie
'administrator' rights to a field which has another purpose. What you
might consider doing is adding a new (boolean/int) column to your user
table - 'is_administrator', andd ActiveRecord will give you
User#is_administrator? for free. you can then also use various
validations to ensure that only a single user is the administrator,
and absolutely don't provide any kind of web interface to setting that
parameter (including stripping it from params hashes).

But yeah - in general, tying permissions to a general-purpose field is
a bit of a no-no.

- james

On 2/23/06, Mischa Berger <spmm_pls at yahoo.com> wrote:
> Hi,
>
> Sorry for reposting, but my date was set 1-feb today (don't ask) and I'm
> not sure if this gets read...
>
> My question is about this method:
>
> # Returns true for the (saved) user called "admin"
> def is_the_administrator
>    true if save and name == "admin"
> end
>
> The method returns true if the user's name is admin. However, I only
> want to
> return true if the state of the object is "saved", so I call the save
> method
> first.
>
> I'm doing this because...
> Once the admin is created I don't want anyone to be able to change the name.
> I implemented this like this in the view:
>
> <% if @user and @user.is_the_administrator %>
>    <%= text_field "user", "name", :disabled => true %>
> <% else %>
>    <%= text_field "user", "name" %>
> <% end %>
>
> However when someone else tries to change their name to "admin", the
> text_field will be disabled too. The object is not saved, because of the
> validation (validates_uniqueness_of :name). So I only want the field to be
> disabled if the object is saved. The way I implemented it now works, but
> I'm
> guessing there's a better way to do this.
>
> Any ideas?
>
> Thanks!!
>
> _______________________________________________
> Rails mailing list
> Rails at lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>


--
* J *
  ~

More information about the Rails mailing list