On Martes, 1 de Septiembre de 2009 11:08:24 rvhi escribió:
> Hi,
>
> A group has many users. Each user has many projects. Depending on the
> user's permission level, he may or may not create a project. However
> the code snippet below doesn't work. It still has "create new" at the
> top right corner.
>
> if params[:nested]
> user = User.find(active_scaffold_constraints[:user])
> if user.deny?
> active_scaffold_config.actions.exclude :create
> end
> end
>
> Please advise.
>
> Thanks,
Have you looked at security article in the wiki? You should define security
methods at the model.
class Project < ActiveRecord::Base
[...]
def authorized_for_create?
not current_user.deny?
end
end
--
Sergio Cambra .:: entreCables S.L. ::.
Mariana Pineda 23, 50.018 Zaragoza
T) 902 021 404 F) 976 52 98 07 E) [email protected]
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en
-~----------~----~----~----~------~----~------~--~---
