You cannot post messages because only members can post, and you are not currently a member.
|
Passing a user object to permitted_to?
|
| |
(continuing this discussion from a private e-mail)
I'm implementing a custom helper that lets me see if the current user
is impersonating another user (for administrative purposes).
I know I can called permitted_to? in a helper, but permitted_to? does
not seem to accept a user object or check against anything besides... more »
|
|
|
New release with Development fixes in master?
|
| |
Steffen, Do you have* a timeline or a list of what else you want fixed/added before you roll out a 0.5.6 release? I have a few new projects that I'm going to be using decl_auth in and would like to have specifically the development reload fixes already in master to be usable for the development team.* (and... more »
|
|
|
Devise login and current_user
|
| |
I am having trouble getting Devise login to work. When the form is posted,
my before_filter in application_controller.rb assigns
Authentication.current_user = current_user. Since current_user is not set
at this point (as the login has not happened), it uses guest permission
throughout the request, even though current_user is soon set.... more »
|
|
|
Select single column while using with_permissions_to(:read)?
|
| |
Hi there, I'm trying to figure out how to select only a single column in conjunction with using with_permissions_to. It always selects all columns from all the tables involved in the authorization check. Does anyone know if this is possible? Here is what I am trying: MyObject.with_permissions_to(: read).select(:common_descripti on)... more »
|
|
|
order of rules when using includes
|
| |
Take the example of an admin user vs. a guest user. for the guest i have the rule: has_permission_on :conditions, :to => [:new, ... if_permitted_to :read, :experimental_conditions end has_permission_on :experimental_conditions, :to => [:new, ... if_attribute :well_id => is { nil }... more »
|
|
|
Authorization::AuthorizationUs ageError on nested models
|
| |
I have constructed this nested structure where cobrands have companies
and companies have users. I have established the following roles:
site_admin, cobrand_admin, company_admin and user.
class Cobrand < ActiveRecord::Base
has_many :companies
has_many :users, :through => :companies
class Company < ActiveRecord::Base... more »
|
|
|
exists instead of inner join?
|
| |
I need to set permission on an object based on whether a there exists an object in a has many relationship with a specific property value. has_permission_on :conditions, :to => [:new, ... if_permitted_to :read, :experimental_conditions #if_attribute :experimental_conditions =>{ :well_id => is { nil }}... more »
|
|
|
Granting permission to a model w/o reverse relationship definitions
|
| |
Here is the scenario. class Facility < ActiveRecord::Base belongs_to :address belongs_to :classified_address, :class_name => 'Address' end class Address < ActiveRecord::Base ...end The question How do I grant access to manage the addresses that are associated with the facility? Putting has_many on the address seems very... more »
|
|
|
"Permission denied" in rspec but working fine in development
|
| |
Hi,
I tried to test my application using rspec but ran in some trouble
with "Permission denied" errors although the resource should have been
accessible even with the :guest role. In the real application (in
development env) everything works as expected.
The test logfile shows the error message:... more »
|
|
|
Declarative Authorization Rails Plugin