I get the ids of applications from the view and using them I create an
array of applications in the before filter. User should have a role
for each one of them to be authorized to proceed.
Approach 1
I was trying something like
in before filter:
    @applications = Application.find_all_by_id(params[:app_ids])
In access control block
    allow :super_admin, :publisher_admin, :demo_user, :of => :applications, :to => pages_require_application_role
But that gives me an error: undefined method `base_class' for
Array:Class
Approach 2
Then I thought that I have already loaded the applications in my
before filter, so I will iterate over them in access control block and
deny if the user doesn't have the role for any of the applications
In access control block
    if !@applications.blank?
      @applications.each do |application|
        if !@current_user.has_role(:owner, application)
          deny all
        end
        allow :owner
      end
    else
      puts "In else block"
    end
But this always throws me in the else block. On printing messages at
different places I reached the conclusion that access control block
is called before before_filters, although the before filters are
called before the access control block in the controller.
I am not sure what I am doing wrong and also am very confused about
the flow of access control block and before filters.
Looking forward to a quick and helpful response.
-- Rubish
On Jan 29, 5:42 pm, Rubish <rubishgupt...@gmail.com> wrote:
> I am pretty new to ruby and even newer to acl9 and started using acl9 2
> days back. I am stuck at a point and need help.
>
> I get the ids of applications from the view and using them I create an
> array of applications in the before filter. User should have a role
> for each one of them to be authorized to proceed.
>
> Approach 1
> I was trying something like
> in before filter:
> @applications = Application.find_all_by_id(params[:app_ids])
>
> In access control block
> allow :super_admin, :publisher_admin, :demo_user, :of => :applications, :to => pages_require_application_role
>
> But that gives me an error: undefined method `base_class' for
> Array:Class
>
> Approach 2
> Then I thought that I have already loaded the applications in my
> before filter, so I will iterate over them in access control block and
> deny if the user doesn't have the role for any of the applications
>
> In access control block
> if !@applications.blank?
However, in my application I want to check "authorization" over an
array of objects. In case the authorization fails on any one of the
objects, the user should get access denied. Any idea on how I can
set this up using ACL9?
-Thanks,
</Rubish>
On Feb 1, 10:14 am, oleg dashevskii <olegdashevs...@gmail.com> wrote:
> access_control block generates before_filter itself.
>
> So, if you have something like
>
> class MyController < ApplicationController
>   before_filter :set_ivars
>
>   access_control do
>     allow :role, :of => :foo
>     deny :role2, :of => :bar
>   end
>
>   private
>
>   def set_ivars
>     @foo = ...
>     @bar = ....
>   end
> end
>
> acl block will "execute" after set_ivars method and @foo, @bar will be
> available.
>
> 2010/2/1 Rubish <rubishgupt...@gmail.com>
I didn't explore the :if and :unless in allow and deny. Using :if
solved my problem. Now I have a method
    def has_bars_access
      if !@bars.blank?
        @bars.each do |bar|
          return false if !current_user.has_role(:owner, bar)
        end
      end
      return true
    end
and in access control block I do
    allow :owner, :to => :whatever, :if => :has_bars_access
Thanks to all for help :)
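
An added example (not from the thread and not acl9 code) for the all-or-nothing check discussed above: the posted has_bars_access returns true when @bars is blank, and find_all_by_id drops ids that match no row, so an empty or unknown id list passes the check. The sketch assumes such requests should be denied; App, User, APPS, load_apps and both access_* methods are hypothetical stand-ins in plain Ruby.

```ruby
# Added example: plain Ruby, no Rails or acl9 needed.
# App and User are constructed stand-ins for the models in the thread.
App = Struct.new(:id)

class User
  def initialize(owned_ids)
    @owned_ids = owned_ids
  end

  # Stand-in role lookup (assumption: ownership is tracked per object id).
  def has_role?(role, object)
    role == :owner && @owned_ids.include?(object.id)
  end
end

# Constructed sample records standing in for the applications table.
APPS = { 1 => App.new(1), 2 => App.new(2), 3 => App.new(3) }.freeze

# Behaves like find_all_by_id: ids with no matching row are silently dropped.
def load_apps(ids)
  Array(ids).map { |id| APPS[id.to_i] }.compact
end

# Same logic as the check posted in the thread: an empty list passes.
def access_as_posted?(user, apps)
  apps.each { |app| return false unless user.has_role?(:owner, app) }
  true
end

# Fail-closed variant: the request must name at least one id, every id
# must resolve to a record, and the user must own each record.
def access_fail_closed?(user, requested_ids)
  ids = Array(requested_ids).map(&:to_i).uniq
  apps = load_apps(ids)
  return false if ids.empty? || apps.size != ids.size
  apps.all? { |app| user.has_role?(:owner, app) }
end

if __FILE__ == $PROGRAM_NAME
  owner = User.new([1, 2])
  puts access_as_posted?(owner, load_apps([99]))   # unknown id only
  puts access_fail_closed?(owner, [99])
end
```

In a controller, the fail-closed method would be the one named in the :if option, with the comparison made against the ids received in params rather than against the already-filtered array.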