Need some permissions help

11 views
Skip to first unread message

Bob Sleys

unread,
Aug 4, 2011, 12:52:51 PM8/4/11
to hobo...@googlegroups.com
I'm setting up a private site where users have access to a limited set of data.  Attached is a high level view of the model diagram (exported from RubyMine)

Users are members of organizations and should only be able to view data associated with their organizations.  It's easy enough to limit viewing data at the organizations level but where I'm a bit stuck is how to limit access to say a floor which belong to a building which in turn belong to an organizations.

Am I going to have to navigate the whole tree back up to organization in each models view_permitted?  or is there a simpler way?

Ie for the floor model 
  def view_permitted?(field)
    acting_user.employee? || acting_user.administrator? || this.building.organization.users.include?(acting_user)
  end
diagram.png

kevinpfromnm

unread,
Aug 5, 2011, 6:50:13 PM8/5/11
to hobo...@googlegroups.com
you can call a parent's permissions method from the child, though if you're not already eager loading the whole chain it can be a bit slow.

for your floor example for instance:

def update_permitted?
  building.organization.updatable_by?(acting_user)
end


Reply all
Reply to author
Forward
0 new messages