Custom security checks

15 views
Skip to first unread message

Vyatta4People

unread,
Jan 8, 2012, 12:53:55 PM1/8/12
to Netzke
Hi All,

I have onEditInForm method tied up to grid's row double click.
When user double clicks row JS passed action name to endpoint,
gets reply and if reply is positive shows edit form, if not shows
"access denied" alert.

This is JS code:
--- CUT HERE ---
this.getView().on('itemdblclick', function(self, record, item, index,
e, eOpts) {
this.getUserRights({ action: 'edit_in_form' },
function(userIsAdmin) {
if (userIsAdmin) {
this.onEditInForm();
} else {
Ext.Msg.show({ title: 'Access denied', msg: 'You have no rights
to perform edit action!', buttons: Ext.Msg.OK, icon: Ext.Msg.ERROR });
}
});
}, this);
--- CUT HERE ---

This is simple endpoint on a server side:
--- CUT HERE ---
endpoint :get_user_rights do |params|
case params[:action]
when "edit_in_form"
return { :set_result => session[:user_is_admin] }
end
return { :set_result => false }
end
--- CUT HERE ---

I have two questions:
1)Is this a sane version of security checks? Does it anyhow "conflict"
with Netzke design?
2)How could I add this JS method and endpoint to
Netzke::Basepack::GridPanel?

Thanks!
Reply all
Reply to author
Forward
0 new messages