tags:

views:

209

answers:

2
Q: 

Limit the results of a active record find

I've got a table with employees (id, name, role) and a relations table bosses (employee_id, superior_id; both foreign_keys to employees.id to employees).

Now if a employee logs in, I only want to show his/her employees; an admin (role=admin) can see all employees.

For the admin it's easy:

Employee.find(:all) #to list them
Employee.find(params[:id] #to find one

Is there an easy way to limit the results on just my employees?

Like add always a condition 

where employees.id in
 (select id from bosses where superior_id = #{User.current_user.employee})

if role is not admin.

Additional Comment

Could you think of a more general solution, where every time a call the find method in active record, it checks for the current_user and returns only the elements, he/she should see?

+2  A: 

Perhaps: 

Employee.all(:joins => :bosses, :conditions => {:superior_id => User.current_user.employee})
Sam Saffron  2009-07-30 07:58:34
yes, this solves it, at least once, but actually I'm still looking for a more general solution. Like every time I call a find, it limits the user on the people, he/she has access to.
Beffa  2009-07-30 12:35:00
named scopes perhaps, http://railscasts.com/episodes/108-named-scope
Sam Saffron  2009-07-30 13:20:13
You showed me the right path. I used the code from the named scope, to write a scoping for myself
Beffa  2009-07-30 14:06:41
A: 

You can do something like

@boss = Boss.find(params[:id], :include => [:employees])

To fetch a boss and their employees. Then use

@boss.employees

to get that boss's employees.

Eifion  2009-07-30 08:11:08

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.