Have you been looking at CanCan? I've implemented a similar situation with CanCan. It will not cover your needs for 100% but it will do a lot.
Op donderdag 21 februari 2013 00:56:53 UTC+1 schreef Tim Uckun het volgende: > > I have the following scenario. > > Users have various levels of ability. They can only view and edit > their own records (their profile). Their managers can only view and > edit their employees records. The regional managers can view and edit > only the people in their regions and the corporate headquarters can > view and edit all records. There are multiple regions so somebody > can be the manager of the north region and somebody is the manager of > the south region. They both have the role of "regional manager". > > Of course this also applies to any of the child relations as well > (addresses, phone numbers etc). > > I am struggling with a clean way to write a controller which would > only show the records they have the right to on the index method. I > want to avoid silly and complex case statements and I also want avoid > roles like "regional manager north". > > I figure somebody here has run into this problem. What is the most > elegant way to solve this problem. > > Cheers. > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-talk@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/AcPwpZUGr6cJ. For more options, visit https://groups.google.com/groups/opt_out.
