I find the comments & code in the bottom of the action_links section to be misplaced and wrongheaded.
First, the function should be: def authorized_for?(options) not [:destroy, :update].include?(options[:action]) and super end Which of course falsifies the immediately prior limitations. But the only reason to override authorized_for? is if you are going with a substantially different permissions model. There is no justification at all to include this code in the example given. Moreover, authorized_for? is part of the security model. There should basically be a link to the security stuff. (Having said that, I REALLY want authorized_for? to be documented, as I have my own model...) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "ActiveScaffold : Ruby on Rails plugin" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/activescaffold?hl=en -~----------~----~----~----~------~----~------~--~---
