(Yet another) Noob design question

Hello All

I am unsure how to handle the following in terms of the "Rails way":

The design requirement: A user may create a "goal" for themselves or (if they have sufficient permissions) they may create a goal for somebody else.

Once the user has filled in the form and clicked "submit", I am unsure where I should put the logic to check that the User may create the goal?

Do I put the logic in the controller that processes the form data?
Or, must it go into the Goal model ?

Ordinarily, I would have put that in the controller, but most of my reading suggests that all business logic should reside in the model.

Any guidance would be appreciated.

Regards

Rory

Once the user has filled in the form and clicked "submit", I am unsure
where I should put the logic to check that the User may create the goal?

Do I put the logic in the controller that processes the form data?
Or, must it go into the Goal model ?

The goal of form will be stored in database, any activities of database
is configured in model, controller is only for calling model to process
input data from form.

in controller :

Visit Indonesia 2008 wrote:

Once the user has filled in the form and clicked "submit", I am unsure
where I should put the logic to check that the User may create the goal?

Do I put the logic in the controller that processes the form data?
Or, must it go into the Goal model ?

<snip>

in Model you can put many validations of data like :

class UserGoal::ActiveRecord < Base

validate_presences_of :name, :message => "is already used"
validates_numericality_of :goal, :message => "must be in number"
#end more validations

<snip>

Thanks Reinhart

Unfortunately, the validation in this case is a bit more complicated than the standard ones:

If I have sufficent permissions, I may create a goal for another user, if not I may only create a goal for myself.

Therefore, before I can create the goal, I need to check the logged-in user's permissions and if these are insufficient, I can only allow the user to create a goal if it is being created for him/herself. Would this still go into the model - perhaps as a class method?

Thanks

Rory

Therefore, before I can create the goal, I need to check the logged-in
user's permissions and if these are insufficient, I can only allow the
user to create a goal if it is being created for him/herself. Would this
still go into the model - perhaps as a class method?

in this case you have to create business logic in controller not model.
Model is only control or validate input or output data that
corresponding to your form. to check permission you can write code in
controller. example :

in Controller

Visit Indonesia 2008 wrote:

Therefore, before I can create the goal, I need to check the logged-in
user's permissions and if these are insufficient, I can only allow the
user to create a goal if it is being created for him/herself. Would this
still go into the model - perhaps as a class method?

in this case you have to create business logic in controller not model. Model is only control or validate input or output data that corresponding to your form. to check permission you can write code in controller. example :

in Controller
----------------

get_permission = Friend.permission_from_friend

if get_permission
  # put your code here to manipulate friend goal and yours.
else
  # put your code here to manipulate your own goal.
end

<snip>

Thanks Reinhert

That has answered my question. I will perhaps paste some code, later on, when I have something worth pasteing - at the moment, I am really just stubbing.

Rory