Reputation: 951
ActiveRecord hide columns based on context
I have a scenario where I generate reports from certain ActiveRecord models.
I have multiple roles in the application. Depending on the roles, I want to show or hide certain columns. The thing is as the number of screens/pages increase, keeping a track of these can be become a nightmare.
Is there a way in Rails, where, I can stop returning values for certain columns depending on certain conditions. For e.g. I will the object returned from a ActiveRecord.Where will have data for some columns masked depending on User's role.
Upvotes: 1
Views: 847
Answers (2)
Reputation: 76774
I literally just wrote an answer about this - you'll probably benefit from it.
Model
It seems that if you want to return specific ActiveRecord data, there are certain ways to limit the attributes the class builds. More specifically, you can make certain methods "private" - preventing your model from returning them.
Although I'm not 100% sure on this, I can say that there are two "levels" to your question -- the database data & the model's construction. Although I don't have anything for the ActiveRecord side of things, the model can "privatize" certain attributes, preventing them from being available in other parts of your app.
A Rails model is a class - populated with attributes. This means you should be able to control which attributes are available by the Role your user is part of:
#app/models/role.rb
class Role < ActiveRecord::Base
#columns id | name | attributes | created_at | updated_at
#"attributes" can be used to assign an array
has_many :users, inverse_of: :role
end
#app/models/user.rb
class User < ActiveRecord::Base
belongs_to :role, inverse_of: :users
role.attributes.each do |attr|
private attr.to_sym
end
end
This will override the attributes pulled from the db, allowing you to determine which ones are available.
Of course, a very rudimentary procedure.
--
ActiveRecord
The best way around this will be to use ActiveRecord to specifically select the attributes / columns you want. To do this, I'm not sure of the absolute best way, but perhaps using a default_scope would be beneficial:
#app/models/user.rb
class User < ActiveRecord::Base
belongs_to :role
def attributes
case role_id
when "1"
attrs = []
when "2"
attrs = []
when "3"
attrs = []
end
end
default_scope (select: attributes)
end
Again, pretty rudimentary. I'd be interested in seeing a more integrated way of doing this.
Upvotes: 0
Reputation: 7366
You can do that using active record select method. Select only those attributes which current user role can access and pass to view.
For this you can create array of accessible feilds for paticular role in your initializer. For this create a initializer.rb file under config/initializers/. Add code something like:
ADMIN = ['feild1', 'feild2'..., 'feild10']
MANAGER = ['feild1', 'feild2'..., 'feild5']
USER = ['feild1', 'feild2', 'feild3']
in your action write code something like :
Model.select(eval(current_user.role.upcase))
In view you need to check if attribute exist in your retured activerecord or not. Otherview you will get ActiveModel::MissingAttributeError: for this:
object.has_attribute? 'att_name'
Or you can rescue it with nil
object.att_name rescue nil
Upvotes: 1
Related Questions
- ActiveRecord select except columns
- ActiveRecord : Hide column while returning object
- Hide columns from a table in a view
- Hiding the entire column from a table in a rails view
- Exclude columns from Model
- ActiveAdmin conditionally displaying columns
- Rails - display only certain columns based on user's input
- How can I hide a column from a model in Rails 3.2?
- Avoid SHOW FIELDS in ActiveRecord
- Restrict the columns represented in ActiveRecord