Plugins - ScopeControllerModel

StarAdd to favorites

ScopeControllerModel plugin was created to DRY up controller and model logic when working a common data model pattern. Particularly, when access to model data is restricted to the current_user or their account. Supposing you have: 

  class Invoice < ActiveRecord::Base
    belongs_to :account
  end

  class Account < ActiveRecord::Base
    has_many :invoices
  end

In this circumstance, there are two models: accounts and invoices. We want invoices to be restricted to the account of the currently logged in user, but also leverage scaffold_resource to make our site building nice and snappy.

A scaffold_resourced default controller will make reference to @invoices = Invoice.find(:all); however, this returns all invoices when we only want the invoices for a particular user. Likewise, Invoice.create(param[:invoice]) creates an invoice and has an inherent insecurity that a user can overload form data to create the invoice into the account of their choice. Enter ScopeControllerModel: 

  class InvoiceController < ApplicationController
    scope_controller_model :invoice, :conditions => { :account => Proc.new { |c| c.send(:current_user).account } }
  end

Jonathan Siegel

http://elctech.com

http://svn.elctech.com/svn/public/plugins/scope_controller_model

Rails' (MIT)

  • Currently 3.7/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Controllers

Tags

Comments

Add a comment
Flinn Mueller 10 Aug 2007

See also acts_as_scoped - http://saas.rubyforge.org

Search Plugins

Query syntax

Plugins by Category

Sponsors

Rails Kits: Get Code. Get Moving.

Have a comment?