I'm wondering how to implement some permission logic in a Rails 2.3.8 app.
For example, a user can only edit tasks the user created (aka "owns").
Should I do something like this:
    user.can_edit_task(task)
or this:
    task.can_be_edited_by?(user)
    # Method needs to be passed a user object (from the controller). But then how
    # can I access the current user in a "before_save" filter as below:
    class User < ActiveRecord::Base
      before_save :check_permissions!

      # Raise when the user is not allowed to edit the task.
      def check_permissions!
        # this way?
        raise some_exception unless task.can_be_edited_by?(user)
        # or this way?
        raise some_exception unless self.can_edit_task?(task)
      end
    end
Any tips on how to go about this?
Upvotes: 1
Views: 76
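One way to structure the ownership check asked about above, as an added example that is not part of the original post. It uses plain-Ruby stand-ins for the models (no Rails) and has the caller pass the acting user in explicitly; `PermissionDenied`, `update_as!` and `update_task` are hypothetical names, and the sample users and task are constructed.

```ruby
# Plain-Ruby stand-ins for the ActiveRecord models (constructed for this example).
User = Struct.new(:id, :name)

class PermissionDenied < StandardError; end

class Task
  attr_reader :id, :owner_id, :title

  def initialize(id, owner_id, title)
    @id, @owner_id, @title = id, owner_id, title
  end

  # The rule lives on the resource; the acting user is always passed in.
  def can_be_edited_by?(user)
    # Reject a missing user or unsaved records: nil == nil must never grant access.
    return false if user.nil? || user.id.nil? || owner_id.nil?
    owner_id == user.id
  end

  # Hypothetical helper: the only write path, so the check cannot be skipped.
  def update_as!(user, new_title)
    unless can_be_edited_by?(user)
      raise PermissionDenied, "user #{user && user.id.inspect} may not edit task #{id}"
    end
    @title = new_title
    self
  end
end

# Stand-in for a controller action: current_user comes from the session,
# never from request parameters.
def update_task(current_user, task, params)
  task.update_as!(current_user, params[:title])
  :ok
rescue PermissionDenied
  :forbidden # a Rails controller would render a 403 or 404 here
end

if __FILE__ == $PROGRAM_NAME
  alice = User.new(1, "alice")               # constructed sample data
  bob   = User.new(2, "bob")
  task  = Task.new(10, alice.id, "write report")
  p update_task(alice, task, { title: "write report v2" }) # owner
  p update_task(bob, task, { title: "hijacked" })          # non-owner
  p update_task(nil, task, { title: "anonymous" })         # not logged in
end
```

Because the check takes the user as an argument, the model never needs to reach for a global "current user" from inside a callback.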