declarative-authorization

getting "Permission denied: No matching rules found for..." using declarative_authorization

Hi, Just starting out, but getting: Processing WebfileController#new (for 10.1.1.1 at 2009-12-14 09:45:14) [GET] Parameters: {"action"=>"new", "controller"=>"webfile"} User Columns (2.0ms) SHOW FIELDS FROM `users` User Indexes (0.3ms) SHOW KEYS FROM `users` Permission denied: No matching rules found for create for #<Authoriza...

How to check for a role

Hi, I'm a rails noob and first time poster here and am using declarative authorization in order to implement role base access restriction in a small timesheet app I am writing. In one of my views, specifically the index.html.erb for my time_registers needs to display more information if the user who is logged in has the admin role ass...

Declarative authorization - allow editing others comments left in your article?

I'm following Ryan Bates' declarative authorization railscast. I'm trying to add functionality for author of a particular article to be able to edit comments left in his article, regardless of if he is the owner or not. I tried doing it, but couldn't get it to work. role :author do has_permission_on :articles, :to => [:new, :creat...

declarative_authorization and authlogic problems

Hi (Disclaimer: I am very new to rails) This plugin looks like it will be a great fit for my app, but I am having a hard time getting it to work. I am using it with authlogic, I am not sure if that is the problem, but it seems like it may be. When I try an access a page that my admin role should have access to I get this: Processing C...

Rails: Undefined method 'to_sym'

I'm getting the following error in my deployed Rails 2.3.5 application: NoMethodError (undefined method `to_sym' for nil:NilClass): My local testing install of the application, which uses Sqlite, doesn't get the error, but my deployed app running Mysql does. The only other difference between the two is I'm running Ruby 1.8.7 on my loc...

Form is creating already loaded attributes in addition to new attributes, how do I ignore the first?

In my application you: Have an admin user that signs on and that user has a role (separate model), then I use the declarative_authorization plugin to give access to certain areas. That admin user can also register new users in the system, when they do this (using Authlogic) they fill out a nested form that includes that new users' ro...

Help with database strategy for giving roles to users in specific model instances

I have a ruby app running with declarative authorization and I have made the roles: admin ( app admin ) org_admin ( organization administratr ) org_colab ( organization colaborator ) org_visitor ( organization visitor ) a User can has_many Organizations and he can be an admin or a colaborator. I link them using a Affilia...

if_attribute on declarative authorization

I have a many-to-many relationship like this: A user has_many organizations through affiliations and vice-versa. I'm using declarative organizations and I only want a user to edit a particular organization if he is affiliated and the affiliationtype attribute of affiliation is a particular value. So affiliations has 3 columns , user_id...

Using Administration Dashboard with Declarative Authorization and Authlogic ?

Hello, I use Declarative Authorization and Authlogic and now wants to create a dashboard for the administration. About ActiveScaffold will be an overview of the different controllers are shown. However, I have the problem that I can admin no "admin rights" to the subfolders app/controllers/admin/admin_controller. How can I do that? C...

How to test declarative_authorization with rspec

Is there a way to test the declarative_authorization permissions with respect? In the documentation it has some instructions to use test unit, but I can't seem to find a way to use rspec. ...

if_attribute syntax problem on declarative_authorization

I have an Organization that has_many Affiliations And a mission that has_one Organization So i can do this: m = Mission.first m.organization.affiliations A user also has_many affiliations so I can do: u = User.first u.affiliations In declarative_authorization I want a user to be able to manage a mission if he is affiliated to the...

declarative_authorization permission on new but related object id is nil

I have an Organization that has_many Affiliations And a mission that has_one Organization So i can do this: m = Mission.first m.organization.affiliations A user also has_many affiliations so I can do: u = User.first u.affiliations In declarative_authorization I want a user to be able to manage a mission if he is affiliated to the ...

Authorization in Rails

Who can show me how I must use declarative_authorization (http://github.com/stffn/declarative_authorization) with restfult_authentication (http://github.com/technoweenie/restful-authentication)? ...

declarative_authorization permissions on roles

Hey all, I'm trying to add authorization to a rather large app that already exists, but I have to obfuscate the details a bit. Here's the background: In our app we have a number or roles that are hierarchical, roughly like this: BasicUser -> SuperUser -> Admin -> SuperAdmin For authorization each User model instance has an attribu...

What are people's opinions vis-a-vis my choice of authorization plugins?

I'm slowly but surely putting together my first rails app (first web-app of any kind in fact - I'm not really a programmer) and it's time to set up a user registration/login system. The nature of my app is such that each user will be completely separated from each other user (except for admin roles). When users log in they will have thei...

Rails authorization plugins

We are evaluating plugins for Authorization in Rails. The two at the top of our list are cancan and declarative_authorization. I would like to get some feedback from anyone currently using either of these plugins. The problem we are going to face with any authorization plugin is that we have a database per customer model and will ...

Is devise compatible with declarative_authorization?

Just asking whenever devise authentication mechanism for Rails does not conflict with declarative_authorization. Maybe someone tried this combo and can share their knowledge, so I and other coders do not waste time trying to tie these ones up. ...

declarative_authorization and /authorization_rules access problem

Hi, i have configured to use authlogic and declarative_authorization and configured authorization_rules.rb. All is fine but on attemp to access localhost/authorization_rules i see "You are not allowed to access this action.". I've added has_permission_on :authorization_rules, :to => [:index, :show] but nothing changed :( In logs i se...

All permissions with declarative_authorization

Hi, I have a Rails application using Restful authentication and declarative authorization. I have some roles with an admin. Is there any method to have automatically granted all permissions to this role, instead of hardcode every controller in the authorization_rules? Something like: role :admin do has_permission_on :everything, :t...

User model declarative authorization 'if_attribute' issue

I am using authlogic (2.1.3) and declarative_authorization (0.4.1) to control access to my application. All of the authorization works as expected except user's that are assigned the Editor role can't change their (the current_user supplied by authlogic) profile settings (a part of the User model). The 'Guest' role works as expects, as...