tags:

views:

168

answers:

3
+3  Q: 

acl9 find just model object which satisfys object.accepts_role?(role_name, current_user)

Hello,

I'm pretty new to rails and it's the first time I'm actually using authlogic + acl9. I followed the default installation steps for both plugins.

So far everything works great, but I have trouble to find an elegant solution for this problem:

Let's say I have a model class called Products. When creating a new Product object I assign the current_user as the owner:

current_user.has_role! :owner, @product

I registered a second user and made sure that this part worked.

In the products controller I have an index method, simply returning all products:

def index
  @products = Products.all
end

My question is: How do I call the find method on Products in order to get just those products where the current_user is the :owner? So I using the acl9 interface that would mean:

@product.accepts_role?(:owner, current_user)

One possibility probably would be to first retrieve all products and then create a new array with just the current_user ones. so maybe like this:

@products = []
products = Products.all
products.each do |p|
  @products << p if p.accepts_role?(:owner, current_user)
end

This solution seems pretty wasteful. So what's the right way to do it?

Thanks everyone!

A: 

I've recently came to the same conclusion in a project I was working on.

I was tempted to do some joins on the role and role_user tables against the products table, but ended up going with the above approach.

Works well now, but it won't scale well.

d2kagw  2009-12-11 05:39:10
A: 

I'm not sure why you want to do any joins. If you've followed the default setup for acl9, you should have many-to-many relationship between user and his roles, and many-to-one between roles and each authorization object. So if you have all relationships properly specified in your models, you should be able to retrieve the objects with something as simple as

current_user.roles.find(:first, :conditions => { :name => 'owner' }).products

You may need to specifically describe products as a named scope or association in the role model, and you can simplify the whole thing even more by wrapping that finder into a named scope as well.

morhekil  2009-12-23 21:28:34
A: 

how about doing all in one query:

@products = Product.all.select { |p| p.accepts_role?(:owner, current_user)}

but the idea remains as proposed by yourself

ernd enson  2010-01-06 01:43:36

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.