On Mon, Nov 9, 2009 at 9:01 AM, Sergio Cambra .:: entreCables S.L. ::.
<[email protected]> wrote:
> On Lunes, 9 de Noviembre de 2009 07:57:36 synfinatic escribió:
>> Using Rails 2.3.2 + latest Lockdown/AuthLogic & ActiveScaffold, I have
>> a problem where non-logged in users can't see all the column data (the
>> column titles show up, but there is no data).
>>
>> I've dug through my log files, looking for errors or requests which
>> might be causing problems, but I clearly see ActiveRecord making the
>> queries related to these columns (they're join tables). Actually,
>> the development.log is the same for logged in users or non-logged in
>> users.
>>
>> Basically, I've determined that I have to either remove Lockdown or
>> tell AS to return the column data as plain text (remove
>> "active_scaffold" from the appropriate controllers).
>>
>> No doubt this is a strange corner case, but I'm at a loss to how to
>> debug it since Lockdown isn't generating any authorization denied
>> messages and it appears AS is properly querying the DB.
>
> Do you have some authorized_for methods in your models? Can you post your
> models?
Sure no problem. The odd thing is that data from the Vintage model is
displayed, but no data for the Varietal, Appellation or Producer
columns.
Lockdown::System.configure do
# everyone should be able to view data
set_permission(:wines_ro).
with_controller(:wines).except_methods(:destroy, :edit, :create).
with_controller(:varietals).except_methods(:destroy, :edit, :create).
with_controller(:vintages).except_methods(:destroy, :edit, :create).
with_controller(:wine_types).except_methods(:destroy, :edit, :create)
set_permission(:producers_ro).
with_controller(:producers).except_methods(:destroy, :edit, :create).
with_controller(:producer_upcs).except_methods(:destroy, :edit, :create)
set_permission(:appellations_ro).
with_controller(:appellations).except_methods(:destroy, :edit, :create).
with_controller(:subregions).except_methods(:destroy, :edit, :create).
with_controller(:regions).except_methods(:destroy, :edit, :create).
with_controller(:countries).except_methods(:destroy, :edit, :create)
set_public_access :login, :register_account, :static_pages, :wines_ro, \
:appellations_ro, :producers_ro
set_permission(:my_account).
with_controller(:users).
only_methods(:show, :edit, :update)
set_protected_access :my_account
end
class WinesController < ApplicationController
active_scaffold :wine do |config|
config.list.columns = [ :designation, :varietal, :producer,
:appellation, :tags, :vintages ]
config.show.columns = [ :designation, :varietal, :producer,
:appellation, :vineyard, :tags, :vintages ]
config.create.columns = [ :designation, :varietal, :producer,
:appellation, :vineyard, :vintages ]
end
def user
# first find all the wines owned by this user with bottles_count > 0
wids = WineOwner.connection.execute %Q{
SELECT wine_id FROM `wine_owners`
WHERE user_id = #{params['id']} AND bottle_count > 0
}
ids = []
wids.each do |row|
ids << row[0]
end
@condition = %Q|wines.id IN (#{ids.join(",")})|
index
end
def conditions_for_collection
@condition
end
end
class VintagesController < ApplicationController
active_scaffold :vintage do |config|
config.list.columns = [ :year, :bottles, :cellar_notes,
:drink_before_year, :drink_after_year, :tags ]
config.create.columns = [ :year, :cellar_notes,
:drink_before_year, :drink_after_year ]
end
def conditions_for_collection
query = "SELECT DISTINCT vintages.id FROM vintages, bottles WHERE
bottles.vintage_id = vintages.id AND bottles.available = 1"
if ! current_user.nil?
query << " AND bottles.user_id = #{current_user.id}"
end
vids = Vintage.connection.execute(query)
ids = []
vids.each do |row|
ids << row[0]
end
conditions = "vintages.id IN (#{ids.join(',')})"
end
end
class ProducersController < ApplicationController
active_scaffold
end
class VarietalsController < ApplicationController
active_scaffold :varietal do |config|
config.list.columns = [ :name, :wines ]
config.show.columns = [ :name, :wines ]
end
end
class AppellationsController < ApplicationController
active_scaffold
end
class Wine < ActiveRecord::Base
versioned
acts_as_taggable
has_many :vintages
belongs_to :appellation
belongs_to :producer, :counter_cache => true
belongs_to :varietal, :counter_cache => true
has_many :owners, :class_name => 'WineOwner', :conditions => [
"bottles_count > 0" ]
def to_label
self.designation
end
end
class Varietal < ActiveRecord::Base
versioned
has_many :wines
belongs_to :wine_type
end
class Vintage < ActiveRecord::Base
acts_as_taggable
has_many :user_reviews
has_many :users, :through => :user_reviews
belongs_to :wine, :counter_cache => true
has_many :bottles
has_many :external_reviews
def to_label
year.nil? or year == 0 ? "NV" : year.to_s
end
end
class Producer < ActiveRecord::Base
versioned
acts_as_taggable
has_many :wines
belongs_to :country
belongs_to :producer_upc, :counter_cache => true
end
class Appellation < ActiveRecord::Base
versioned
has_many :wines
belongs_to :subregion, :counter_cache => true
end
--
Aaron Turner
http://synfin.net/
http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety.
-- Benjamin Franklin
"carpe diem quam minimum credula postero"
--
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected].
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en.
