Hello, I was asked to extend (or add would fit better) user access rights defined by user role.
Right now, user have role defined as enum and whole application checks current_user.role when rendering views. This is very poor, as it requires to change code (multiple places) when someone decides that some role can or cannot have access to certain pages, moreover it deas not prohibit user to access detailed information via url. So the task is to make each role customizable. It should be avialable to admin users on some extra panel, where each role will be listed in 1st column with (probably) checkboxes in other columns corresponding to proper access right on certain model. So my first questions are: It seems I need to create new model 'role' with its views and so on... Is there any easier solution? Should I pay special attention when changing user model? -- You received this message because you are subscribed to the Google Groups "Hobo Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/hobousers?hl=en.
