not-kennethreitz/convore.json
1
0
Fork 0
mirror of https://github.com/not-kennethreitz/convore.json.git synced 2026-06-21 15:40:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
convore.json/groups/rails/has_many-through-with-permissions/messages.json
T
Kenneth Reitz add958b068 shuffle things around a bit
2012-02-21 01:15:00 -05:00

1 line
2.0 KiB
JSON
Raw Permalink Blame History

[{"user_id": 7794, "stars": [], "topic_id": 38555, "date_created": 1307489954.548069, "message": "Does anyone know of a good way (or THE good way) to handle the following scenario: A many to many relationship, where each connection between the two models has a set of permissions. For example, A Supervisor can edit all tasks owned by his Employees. An Employee can see, but not edit, all tasks by Employees in his group.", "group_id": 447, "id": 1330770}, {"user_id": 7794, "stars": [], "topic_id": 38555, "date_created": 1307490465.2564011, "message": "What I've got so far is a has_many :through relationship. Since that relationship is itself a model, that model :belongs_to a Role. Then, using declarative, I can check to see if that specific relation is acceptable given the desired action.", "group_id": 447, "id": 1330858}, {"user_id": 7794, "stars": [], "topic_id": 38555, "date_created": 1307490141.393364, "message": "(Since a supervisor is an employee, and therefore has read only access to his peers' tasks", "group_id": 447, "id": 1330802}, {"user_id": 7794, "stars": [], "topic_id": 38555, "date_created": 1307490105.796649, "message": "This doesn't quite fit under a generic Roles design, because everyone essentially has all available roles, in different scopes.", "group_id": 447, "id": 1330801}, {"user_id": 7794, "stars": [], "topic_id": 38555, "date_created": 1307490599.8679841, "message": "am i making this too complicated? does it make sense?", "group_id": 447, "id": 1330876}, {"user_id": 32812, "stars": [], "topic_id": 38555, "date_created": 1307512978.0748191, "message": "cancan and decl auth should be able to handle complex relationships like this just fine. just requires a block as appose to a simple rule.", "group_id": 447, "id": 1334277}, {"user_id": 35810, "stars": [], "topic_id": 38555, "date_created": 1307730127.9705081, "message": "You can try out acl9, not sure if it's still actively maintained though. It does per object access control and allows for multiple roles from what I can remember off hand.", "group_id": 447, "id": 1364034}]
Reference in New Issue View Git Blame Copy Permalink