Vyatta4People
unread,Jan 8, 2012, 12:53:55 PM1/8/12Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Netzke
Hi All,
I have onEditInForm method tied up to grid's row double click.
When user double clicks row JS passed action name to endpoint,
gets reply and if reply is positive shows edit form, if not shows
"access denied" alert.
This is JS code:
--- CUT HERE ---
this.getView().on('itemdblclick', function(self, record, item, index,
e, eOpts) {
this.getUserRights({ action: 'edit_in_form' },
function(userIsAdmin) {
if (userIsAdmin) {
this.onEditInForm();
} else {
Ext.Msg.show({ title: 'Access denied', msg: 'You have no rights
to perform edit action!', buttons: Ext.Msg.OK, icon: Ext.Msg.ERROR });
}
});
}, this);
--- CUT HERE ---
This is simple endpoint on a server side:
--- CUT HERE ---
endpoint :get_user_rights do |params|
case params[:action]
when "edit_in_form"
return { :set_result => session[:user_is_admin] }
end
return { :set_result => false }
end
--- CUT HERE ---
I have two questions:
1)Is this a sane version of security checks? Does it anyhow "conflict"
with Netzke design?
2)How could I add this JS method and endpoint to
Netzke::Basepack::GridPanel?
Thanks!