role based authorization question

Howard_Roberts · August 24, 2006, 5:13pm

I am using the the authorization recipe outlined in Rails Recipes.Is it possible for one role, say ‘admin’, to have access to every action on every controller without explicitly having to create a Right for each?

I know this will not work as is, and to force it to do so would violate MVC, but is there some other way to accomplish having something like this in a controller:

loggedin=false; if session[:user]

Applicant.find(session[:user]).roles.each{|r| loggedin=true if r.name==“admin”} end

skip_before_filter :check_authentication, :check_authorization if loggedin

Thanks,

Howard

Isak · August 24, 2006, 8:23pm

I store * as a wildcard for the action/controller columns, and query for (rights.controller = controller_name OR rights.controller = '*') AND <same for action> in my authorized() method.

Isak

Howard_Roberts · August 24, 2006, 9:52pm

Thanks Isak, It seemed so very obvious once I saw your suggestion. I works beautifully.

Thank You, Howard

Topic		Replies	Views
require_role on a per action basis rubyonrails-talk	2	114	May 27, 2009
Role Based Authentication rubyonrails-talk	7	132	March 16, 2007
Authorization with single table inheritance? rubyonrails-talk	1	126	April 16, 2007
authorization recipe help rubyonrails-talk	8	271	February 20, 2008
Mixin application.rb problem rubyonrails-talk	6	134	September 5, 2008

role based authorization question

Related topics

More Resources