There are still 2 problems that i'm trying to debug:
1) nested links are allways displayed. AS/actions/nested.rb
nested_authorized? returns allways true. It should delegate to the
corresponding action:
- :list when is :index
- :create when is :new
- :update when is :edit
However you can still use security_method
2) Unauthorized member actions are still displayed as something like:
<a>#{link.label}</a>
They should have class="disabled".
Can't figure out where is being rendered. I only see a
render_group_action_link(link, options, record)
On Mon, Sep 24, 2012 at 4:51 AM, Sergio Cambra <[email protected]> wrote:
> **
>
> It works with master or rails-3.2 branch, it won't work with 3.2.16
> because it was fixed later. However, I don't know if it works with cancan.
>
>
>
> ActiveScaffold won't disable collection links, so an unauthorized
> collection link should not be displayed, is not needed to change
> create_ignore? method. The fix is on commit
> 8ce243d83ee5e37a9d3d7df29601ea8f55682223
>
>
>
> On Domingo, 23 de septiembre de 2012 23:43:46 andrea escribió:
>
> Cancan correctly disable the creation method in controller (raising 500
> error) but activescaffold not skip the create action link in the table
> header.
>
> I think the solution is fix create_ignore? method:
>
>
> def create_ignore?
>
> (!nested? && active_scaffold_config.list.always_show_create) ||
> !create_authorized?
>
> end
>
> The original create_ignore? method do not check unauthorized creation at
> class level (!create_authorized?), so AS unauthorize link but do not skip
> this or disable it.
>
>
> https://github.com/activescaffold/active_scaffold/issues/178
>
>
>
>
>
> Il giorno giovedì 6 settembre 2012 13:39:44 UTC+2, Mike Blyth ha scritto:
>
> I'm trying to get rid of the "Create new" link conditionally, when users
> are not authorized to create. I'm using CanCan. The links within rows are
> suppressed properly (or greyed out), but the top-of-page Create link is
> still there. I have tried
>
> - def authorized_for_create? # in model
> false
> end
> - def authorized_for_new? # in model, out of desperation
> false
> end
> - def create_authorized? # in controller
> false
> end
>
> What is the right way?
>
> --
> You received this message because you are subscribed to the Google Groups
> "ActiveScaffold : Ruby on Rails plugin" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/activescaffold/-/GbvZHQglRm4J.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/activescaffold?hl=en.
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "ActiveScaffold : Ruby on Rails plugin" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/activescaffold?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en.
