Hi all,
Is there a reason to block authorized_for? to only the 4 crud actions?
i mean this line in active_scaffold_permissions.rb:
def authorized_for?(options = {})
raise ArgumentError, "unknown action #{options[:action]}" if
options[:action] and ![:create, :read, :update,
:destroy].include?(options[:action])
It would be nice to allow any action to pass through this security
structure. For example, use security for many posible actions that apply
like activate, suspend, pdf, review, comment, diggit...
I checked the code and i don't see anything that could be affected by
passing any other actions as parameter. However, in the view
(_list_actions.html.erb) it doesn't look so good to be using "crud_type" as
the action to be checked against to, instead of the real :action parameter,
but changing that might need double checking for backward compatibility
issues. I just say commenting out that raise ArgumentError which does
nothing.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en
-~----------~----~----~----~------~----~------~--~---
