On Jueves, 28 de Mayo de 2009 20:51:21 Kenny Ortmann escribió:
> Well the reason it is calling it once with a default record is because the
> create action for instance is an action that is Model based not record
> based.
>
> so it creates a new record, with the default values and checks permissions
> against that. I don't know why it is running these for every record
> though.
>
> You should see on call to create_authorized and then on call per record to
> update show and delete
This happens in _list_actions.html.erb
<% active_scaffold_config.action_links.each :record do |link| -%>
<% next if controller.respond_to? link.security_method and
!controller.send(link.security_method) -%>
<td>
<%= record.authorized_for?(:action => link.crud_type) ?
render_action_link(link, url_options) : "<a
class='disabled'>#{link.label}</a>" -%>
</td>
<% end -%>
It calls security_method and record.authorized_for? for each action link. The
security_method usually calls authorized_for? controller method
(ActiveScaffold::Actions::Core.authorized_for?), which calls
class.authorized_for?.
So authorized_for? is called first in a new record with default values, in
order to show the link or not. Then authorized_for? is called in a record to
show the link disabled or enabled for that record.
>
> On Thu, May 28, 2009 at 1:40 PM, Carl Anderson <[email protected]> wrote:
> > Nope, only 1, that's my point. And there's a collection for set so
> > they only come from one Universe_id (3 in this case). On another page
> > I have 4 records from Universe_id 1 and each of those groups shows up
> > twice for each record, but of course they both have univserse_id 1.
> > Carl
> >
> > On Thu, May 28, 2009 at 11:34 AM, Kenny Ortmann <[email protected]>
> >
> > wrote:
> > > I'm assuming you have 2 records on this list view?
> > >
> > > On Thu, May 28, 2009 at 1:31 PM, Carl <[email protected]> wrote:
> > >> I figured out a little more about my problem with authorize for action
> > >> but I'm not sure why this is happening. It seems that 2 calls are made
> > >> to render each object, one with default attributes and one with the
> > >> actual attributes. This sounds odd, and might be incorrect, but I came
> > >> to this conclusion because my authorize for actions now look like this
> > >> for my Character model:
> > >>
> > >> def authorized_for_update?
> > >> #Greys out the associated link when the user isn't the creator or
> > >> authorized
> > >> logger.info "\n\nCharacter Update universe_id = #{self.universe_id}
> > >> \n\n"
> > >> new_record? || current_user.id == self.universe.creator_id ||
> > >> current_user.userlimits.find(:first, :conditions => "universe_id = #
> > >> {self.universe_id}").rights >= 3
> > >> end
> > >>
> > >> def authorized_for_destroy?
> > >> #Greys out the associated link when the user isn't the creator or
> > >> authorized
> > >> logger.info "\n\nCharacter Destroy universe_id = #
> > >> {self.universe_id}\n\n"
> > >> new_record? || current_user.id == self.universe.creator_id ||
> > >> current_user.userlimits.find(:first, :conditions => "universe_id = #
> > >> {self.universe_id}").rights >= 3
> > >> end
> > >>
> > >> def authorized_for_create?
> > >> #Greys out the associated link when the user isn't the creator or
> > >> authorized
> > >> logger.info "\n\nCharacter Create universe_id = #{self.universe_id}
> > >> \n\n"
> > >> current_user.id == self.universe.creator_id ||
> > >> current_user.userlimits.find(:first, :conditions => "universe_id = #
> > >> {self.universe_id}").rights >= 2
> > >> end
> > >>
> > >> def authorized_for_show?
> > >> logger.info "\n\nCharacter Show universe_id = #{self.universe_id}\n
> > >> \n"
> > >> #Greys out the associated link when the user isn't the creator or
> > >> authorized
> > >> new_record? || current_user.id == self.universe.creator_id ||
> > >> current_user.userlimits.find(:first, :conditions => "universe_id = #
> > >> {self.universe_id}").rights >= 1
> > >> end
> > >>
> > >>
> > >> And when I go to my character page my log looks like this:
> > >>
> > >> Processing CharactersController#index (for 127.0.0.1 at 2009-05-28
> > >> 11:15:21) [GET]
> > >> Parameters: {"action"=>"index", "controller"=>"characters"}
> > >> User Load (0.5ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
> > >>
> > >>
> > >>
> > >> Universe id set in session as: 3
> > >>
> > >>
> > >> SQL (0.2ms) select sqlite_version(*)
> > >> SQL (0.5ms) SELECT count(DISTINCT "characters".id) AS count_all
> > >> FROM "characters" LEFT OUTER JOIN "experiences" ON
> > >> experiences.character_id = characters.id LEFT OUTER JOIN
> > >> "characters_events" ON "characters_events".character_id =
> > >> "characters".id LEFT OUTER JOIN "events" ON "events".id =
> > >> "characters_events".event_id LEFT OUTER JOIN "users" ON "users".id =
> > >> "characters".created_by LEFT OUTER JOIN "users" modifiers_characters
> > >> ON "modifiers_characters".id = "characters".modified_by WHERE
> > >> ((characters.universe_id = '3'))
> > >> Character Load (0.9ms) SELECT "characters".* FROM "characters"
> > >> WHERE ((characters.universe_id = '3')) ORDER BY characters."id" ASC
> > >> LIMIT 15 OFFSET 0
> > >> Experience Load (0.2ms) SELECT "experiences".* FROM "experiences"
> > >> WHERE ("experiences".character_id = 10)
> > >> Event Load (0.2ms) SELECT "events".*, t0.character_id as
> > >> the_parent_record_id FROM "events" INNER JOIN "characters_events" t0
> > >> ON "events".id = t0.event_id WHERE (t0.character_id = 10)
> > >> CACHE (0.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
> > >> CACHE (0.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
> > >> Rendering template within layouts/application
> > >> Rendering characters/list
> > >>
> > >>
> > >> Character Create universe_id = 1
> > >>
> > >> Universe Load (0.2ms) SELECT * FROM "universes" WHERE
> > >> ("universes"."id" = 1)
> > >> SQL (0.2ms) SELECT count(*) AS count_all FROM "characters"
> > >> Rendered _list_header (13.6ms)
> > >> Rendered _list_column_headings (93.9ms)
> > >> Rendered _messages (0.9ms)
> > >>
> > >>
> > >> Character Update universe_id = 1
> > >>
> > >>
> > >>
> > >> Character Update universe_id = 3
> > >>
> > >> Universe Load (0.3ms) SELECT * FROM "universes" WHERE
> > >> ("universes"."id" = 3)
> > >>
> > >>
> > >> Character Destroy universe_id = 1
> > >>
> > >>
> > >>
> > >> Character Destroy universe_id = 3
> > >>
> > >> Rendered _list_actions (3.8ms)
> > >> Rendered _list_record (26.6ms)
> > >> Rendered _list (134.2ms)
> > >> Completed in 196ms (View: 165, DB: 3) | 200 OK [http://0.0.0.0/
> > >> characters]
> > >>
> > >>
> > >>
> > >>
> > >> The only one that only shows up once per page is the Create action,
> > >> and it is using the default Universe_id = 1 which I assume is because
> > >> I set that as the default on my model, but I don't understand why the
> > >> one object on that page calls each of the other authorize for actions
> > >> twice, with self.universe_id set once to the default and once set to
> > >> the actual value? If I go to a page with 4 characters on it I see the
> > >> same thing, but with pairs of calls for each object (except for
> > >> Create, which only shows up once). Shouldn't it only be called once
> > >> with the actual value?
>
>
--
Sergio Cambra .:: entreCables S.L. ::.
Nicolás Guillén 6, locales 2 y 3. 50.018 Zaragoza
T) 902 021 404 F) 976 52 98 07 E) [email protected]
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en
-~----------~----~----~----~------~----~------~--~---
