declarative authorization and has_and_belongs_to_many

Posted by Michael Balsiger on Stack Overflow See other posts from Stack Overflow or by Michael Balsiger
Published on 2011-02-16T14:39:27Z Indexed on 2011/02/16 15:25 UTC
Read the original article Hit count: 303

Filed under:

ruby

|

declarative-authorization

|

has-and-belongs-to-many

Hi, I have a little problem with declarative-authorization. I have a User and Role Model with a has_and_belongs_to_many association.

I've created a Role named :moderator in my authorization_rules.rb

Is it possible that a User with the Role Moderator only gets the Users that have the Moderator Role assigned to it?? --> User.with_permissions_to(:index)

I thought it would be possible like that:

role :moderator do
  has_permission_on :users, :to => :index do
    if_attribute :roles => contains { ????? }
  end
end

I also created a named_scope in my User Model because I thought it would help...

class User
  has_and_belongs_to_many :roles
  named_scope :by_role, lambda { |role|
    {
      :include => :roles,
      :conditions => {"roles.name" => role}
    }
  }
end

Does anyone knows if it's possible to do this with declarative_authorization?

Thanks for your help!

© Stack Overflow or respective owner

Related posts about ruby

Setting up Rails to work with sqlserver

as seen on Stack Overflow - Search for 'Stack Overflow'
Ok I followed the steps for setting up ruby and rails on my Vista machine and I am having a problem connecting to the database. Contents of database.yml development: adapter: sqlserver database: APPS_SETUP Host: WindowsVT06\SQLEXPRESS Username: se Password: paswd Run rake db:migrate… >>> More
marshal data too short!!!

as seen on Stack Overflow - Search for 'Stack Overflow'
My application requires to keep large data objects in session. There are like 3-4 data objects each created by parsing a csv containing 150 X 20 cells having strings of 3-4 characters. My application shows this error- "marshal data too short". I tried this- Deleting the old session table. Deleting… >>> More
Sinatra and XML POST request

as seen on Stack Overflow - Search for 'Stack Overflow'
I don't know is it my mistake or no. So i have that code: <code> post '/singin/get_token' do content_type :xml puts request.body.read puts xmlRequest xmlRequest = REXML::Document.new(request.body.read) ... </code> And when i post something like that: <code> <?xml… >>> More
how to change ruby path from /usr/bin/ruby to /usr/local/bin/ruby

as seen on Stack Overflow - Search for 'Stack Overflow'
reading around the various ruby install tutorials it's required to change path from /usr/bin/ruby to /usr/local/bin/ruby but i cant seem to be able to do it. Ultimately i want to install Ruby 1.9.2, should i uninstall 1.8.7 or what? i tried to install Ruby 1.9.2 with macports, the installation seemed… >>> More
strange bundler error: tar_input.rb:49:in `initialize': not in gzip format (Zlib::GzipFile::Error) o

as seen on Stack Overflow - Search for 'Stack Overflow'
i am getting a strange bundler error when running bundle pack with bundler 0.9.12 any ideas? (see pastie for a better formatted code: http://pastie.org/881328 ) /opt/ruby-enterprise-1.8.7-2010.01/lib/ruby/site_ruby/1.8/rubygems/package/tar_input.rb:49:in `initialize': not in gzip format (Zlib::GzipFile::Error) … >>> More

Related posts about declarative-authorization

Declarative authorization and the if_attribute not working...

as seen on Stack Overflow - Search for 'Stack Overflow'
I've been having almost the same issues as Victor Martin (you can see the questions asked here). I've got declarative authorization working for just about everything that doesn't involve using conditionals. E.g. has_permission_on :users, :to => [:edit, :update, :destroy] do if_attribute :user… >>> More
declarative authorization and has_and_belongs_to_many

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I have a little problem with declarative-authorization. I have a User and Role Model with a has_and_belongs_to_many association. I've created a Role named :moderator in my authorization_rules.rb Is it possible that a User with the Role Moderator only gets the Users that have the Moderator Role… >>> More
if_attribute on declarative authorization

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a many-to-many relationship like this: A user has_many organizations through affiliations and vice-versa. I'm using declarative organizations and I only want a user to edit a particular organization if he is affiliated and the affiliationtype attribute of affiliation is a particular value… >>> More
rails declarative authorization, permit all actions for controller?

as seen on Stack Overflow - Search for 'Stack Overflow'
using the delcarative_authorization gem for rails, is there a shortcut to allow a role access to all controller actions? privileges do # default privilege hierarchies to facilitate RESTful Rails apps privilege :manage, :includes => [:create, :read, :update, :delete] end isn't sufficient… >>> More
if_attribute on declarative authorization. STUCK FOR DAYS!!!

as seen on Stack Overflow - Search for 'Stack Overflow'
I can't seem to find a solution for this problem :s I have a many to many relationship like this: A user has_many organizations through affiliations and vice versa. I'm using declarative organizations and I only want a user to edit a particular organization if he is affiliated and the affiliationtype… >>> More