I would separate it... keep the roles and permission you have with activefx's tutorial. Then your
group or channel has_one :administrator, <necessary options here> has_many :notables, <necessary options here> has_many :members, :through => :memberships, <other necessary options here> has_many :memberships Maybe even the membership model can contain what capacity the user is in the group? This just popped into my head now.. not too sure if this would work. Sounds okay though. On Wed, May 7, 2008 at 5:03 PM, Neil Cauldwell <[EMAIL PROTECTED]> wrote: > > I have an authentication system set up via the activefx tutorial for > restful_authentication. I now need to implement roles and permissions on > a per object basis, as opposed to site wide, 'Is this user an > administrator?', permissions. > > There are two types of objects, Groups and Channels, and they each have > one Admin, many Notables, and many Members. I'm presuming it could be > bad to mix my site wide roles/permissions in with the Group & Channel > roles/permissions, although it could potentially keep things tidier if > my Roles table simply has Administrator, Notable, Member (for Site, > Group, Channel objects) and then the Permissions table handles what has > been assigned to Site, Groups or Channels. In fact, I've just been > testing this approach via a polymorphic association in the Permissions > table so that the Groups and Channels are Permissionable (the > Permissions table has role_id, user_id, permissionable_id, > permissionable_type). However, calling a has_many through on the > permissionable polymorphic association seems to be causing problems (I > just keep getting an error message from AR telling me I cannot have a > has_many :through association on the polymorphic object). > > Firstly, do I need to avoid mixing site permissions in with object > permissions? If so, do I differentiate between the two, maybe by keeping > site permissions in the Permissions table, and keeping object > permissions in a new Memberships table (this is a naming convention that > I'd be happy with). Secondly, is it going to be possible to use a > Permissionable polymorphic assocation on the object permissions, or do I > just want to create separate group_permissions and channel_permissions > tables to avoid any issues with a has_many through on the polymorphic > association? > -- > Posted via http://www.ruby-forum.com/. > > > > -- Ramon Tayag --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
