Richard
unread,May 4, 2010, 1:12:32 AM5/4/10Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to acl9-discuss
I've been playing with ACL9 tonight and have found it nearly works for
my needs - but my implementation might not be that great:
User has_many :customers
User has_one :office (usually a main office with several users and
some geographically remote offices with a few users)
Office has_many :users
Above all of this is an Account model that has_many :users - I do
think I need to change my associations to where Account has many
offices, office has_many users, and user belongs_to office
Anyway
I need to do read/write/delete on customers for the owner, office, and
other
kind of like user.has_role? :owner,_read customer # not so important
as 99% of the time owner has read/write/delete
office.has_role? :office_read, customer
And some how, if the logged in user does not own the customer, belong
to an OFFICE that can read,change,delete the customer - then check
some sort of public permissions to see if the customer can be either
read/change/deleted
Can I do this with ACL9? From the 10 minutes I looked at other
solutions it seems ACL9 is the most flexible so far - so I may be
writing this myself