Access Control in Rails

December 10th, 2006

You need to install the acl_system2 plugin from

http://opensvn.csie.org/ezra/rails/plugins/dev/acl_system2/


Here is an example of its use. The access_control class method comes from this plugin; login_required comes from acts_as_authenticated.


class PostController < ApplicationController
  # Everything except list and index needs a logged-in user.
  before_filter :login_required, :except => [:list, :index]
  # Role logic per action: a role name is true if the current user has that
  # role; & is and, | is or, ! is not, parentheses group.
  access_control [:new, :create, :update, :edit] => '(admin | user | moderator)',
                 :delete => 'admin & (!moderator & !blacklist)'

  # ... the class continues with the callbacks shown below

Note that only the actions named in access_control get a role check; any other action in the controller is covered by login_required alone, so a rule has to be added whenever an action is added. The action names must also match the controller's real action names (for example, scaffolded controllers use destroy rather than delete), otherwise the rule silently protects nothing.

There are two callback methods you can use to define your own success and failure behaviours. If you define permission_granted and/or permission_denied as protected methods in your controller, you can redirect, render an error page, or do whatever else you want when access is allowed or denied.


  # the rest of your controller here

  protected

  # Called by the plugin when the role logic for the action evaluates to false.
  def permission_denied
    flash[:notice] = "You don't have privileges to access this action"
    return redirect_to :action => 'denied'
  end

  # Called when the role logic evaluates to true.
  def permission_granted
    flash[:notice] = "Welcome to the secure area of foo.com!"
  end
end
There is also a helper method, permit?, that can be called from the view or the controller with the same kind of role-logic string. In the view it is handy for conditional menus and similar things; note that hiding a link is not access control, the access_control rule on the action is what actually enforces it.
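To make clear what those role-logic strings actually do when the plugin evaluates them, here is an added example (my own code, not part of this post or of the acl_system2 plugin): a small parser and evaluator for rules such as 'admin & (!moderator & !blacklist)', checked against a user's role titles. The grammar (| lowest precedence, then &, then !, with parentheses) is an assumption modelled on the strings used above, and the permit? wrapper is named after the plugin's helper for illustration only. It also shows the two things a safe evaluator must do: treat a role the user does not have (or that does not exist) as false, and raise on a malformed rule rather than fall through to "allowed".

```ruby
require 'set'
require 'strscan'

# Evaluates a role-logic string against a set of role titles.
# Assumed grammar (modelled on the rules in the post):
#   expr   := term ('|' term)*
#   term   := factor ('&' factor)*
#   factor := '!' factor | '(' expr ')' | ROLE
class RoleLogic
  class ParseError < StandardError; end

  def initialize(rule)
    @rule = rule
    @tokens = tokenize(rule)
  end

  # True only if the rule holds for the given role titles (case-insensitive).
  # A malformed rule raises ParseError instead of silently granting access.
  def permit?(roles)
    @roles = roles.map { |r| r.to_s.downcase }.to_set
    @pos = 0
    result = parse_or
    raise ParseError, "unexpected #{peek.inspect} in #{@rule.inspect}" unless peek.nil?
    result
  end

  private

  def tokenize(rule)
    s = StringScanner.new(rule)
    tokens = []
    until s.eos?
      next if s.skip(/\s+/)
      if (name = s.scan(/[A-Za-z_][A-Za-z0-9_]*/))
        tokens << name.downcase
      elsif (op = s.scan(/[()&|!]/))
        tokens << op
      else
        raise ParseError, "bad character #{s.peek(1).inspect} in #{rule.inspect}"
      end
    end
    tokens
  end

  def peek
    @tokens[@pos]
  end

  def advance
    tok = @tokens[@pos]
    @pos += 1
    tok
  end

  def expect(tok)
    raise ParseError, "expected #{tok.inspect}, got #{peek.inspect}" unless peek == tok
    advance
  end

  # The right-hand side is always parsed (no short-circuit) so that every
  # token is consumed and syntax errors are found even when the left side
  # already decides the result.
  def parse_or
    value = parse_and
    while peek == '|'
      advance
      rhs = parse_and
      value = value || rhs
    end
    value
  end

  def parse_and
    value = parse_not
    while peek == '&'
      advance
      rhs = parse_not
      value = value && rhs
    end
    value
  end

  def parse_not
    if peek == '!'
      advance
      return !parse_not
    end
    if peek == '('
      advance
      value = parse_or
      expect(')')
      return value
    end
    name = advance
    raise ParseError, "expected a role name, got #{name.inspect}" unless name && name =~ /\A[a-z_]/
    @roles.include?(name) # a role the user lacks (or that does not exist) is false: deny by default
  end
end

# Wrapper named after the plugin's helper (assumed name, for illustration).
def permit?(rule, roles)
  RoleLogic.new(rule).permit?(roles)
end

# The post's own rules against a few constructed users.
def demo
  delete_rule = 'admin & (!moderator & !blacklist)'
  edit_rule   = '(admin | user | moderator)'
  {
    'plain admin can delete'      => permit?(delete_rule, %w[admin]),
    'admin who is also moderator' => permit?(delete_rule, %w[admin moderator]),
    'blacklisted admin'           => permit?(delete_rule, %w[admin blacklist]),
    'user can edit'               => permit?(edit_rule, %w[user]),
    'no roles at all'             => permit?(edit_rule, []),
  }
end
```

Run it with `ruby role_logic.rb` after adding `p demo` at the bottom; the interesting cases are the admin who also holds moderator (denied, because & binds tighter than | and the ! applies to each role separately) and a rule with a typo or a stray character, which raises rather than quietly evaluating to true.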

Here is the part of the schema that the access control depends on: the users and roles tables plus the habtm (has_and_belongs_to_many) join table between them. The crypted_password and salt columns are the ones acts_as_authenticated expects.

ActiveRecord::Schema.define(:version => 3) do
  create_table "roles", :force => true do |t|
    t.column "title", :string          # the role name used in the logic strings, e.g. "admin"
  end

  create_table "roles_users", :id => false, :force => true do |t|
    t.column "role_id", :integer
    t.column "user_id", :integer
  end

  create_table "users", :force => true do |t|
    t.column "login", :string, :limit => 40
    t.column "email", :string, :limit => 100
    t.column "crypted_password", :string, :limit => 40
    t.column "salt", :string, :limit => 40
    t.column "created_at", :datetime
    t.column "updated_at", :datetime
  end
end

 
