Links
Scoped Access
Categories
Scoped Access
If you have a bunch of methods in your controller that should all have scoping applied to the model interactions, this is the plugin for you.
Here’s an example:
class Account < ActiveRecord::Base
has_many :pages
end
class Page < ActiveRecord::Base
belongs_to :account
end
class PageController < ApplicationController
before_filter :login_required
around_filter ScopedAccess::Filter.new(Page, :mine)
protected
def mine
{
:find => { :conditions => ["user_id = ?", session[:user_id] },
:create => { :user_id => session[:user_id] }
}
end
public
def list
@pages = Page.find(:all)
end
...
end
So, all the Page find and update methods will be scoped with the ID of the currently logged-in user. This makes it incredibly easy to implement access controls in multiple-user applications.
Check out the home page for more coolness this plugin provides.
Vitals
| Home | http://habtm.com/articles/2006/02/22/nested-with_scope |
|---|---|
| Repository | http://wota.jp/svn/rails/plugins/trunk/scoped_access/ |
| License | |
| Tags |
|
| Rating | (13 votes) |
| Created | 10 June 2006 |
Comments
-
Orya2 July 2006
This has been incorporated into Rails: http://dev.rubyonrails.org/changeset/3671
-
Gary18 May 2007
The above comment is misleading. The changeset doesn't provide a default scope for the model (like this plugin), but allows you to scope a given block. eg. in the above example, any call to Page.find within PageController will be scoped.
