Hello, Jay Levitt <[EMAIL PROTECTED]> writes:
> On Mon, 16 Jan 2006 10:19:58 +0000, James Adam wrote: > >> It's my feeling that the relationship between Roles and Permissions is >> something that should be stated concretely as a fundamental and >> important part of your final application, hence why it should be >> codified explicitly somewhere in Ruby. > ... >> I'm sending this to >> the engines users list, and everyone is welcome to comment.... any >> thoughts guys? > > I never saw any responses to this, so I'll post a late one... I totally > agree. I was just starting to play with improving the roles/permissions UI > from the default scaffolding, and then I realized: Why would I want to be > editing these relationships from a UI in the first place? They belong to > the application design domain, not the database domain. The fact that, > behind the scenes, UserEngine also uses a database to store them is > incidental. The only time I need to create new roles and permissions is > when I'm creating or changing functions in the application. > I agree, the roles and permissions are generally decided when creating the application, and there should be some way of codifying it explicitly in the application. Maybe a file which can be used to populate the roles and permissions database when the application is initially created. The Web UI for roles and permissions provide an extra feature which the customer can use to manage the roles and permissions depending upon how things shape up in future. Also none of the rows in the permission_roles table should change, and only UI should be used to delete a role otherwise the client may find his application as behaving differently from what it was doing earlier. > I could see an argument for then implementing "Groups" as a buffer between > users and roles, where Groups is an administrative, data-domain convenience > for bulk-managing users. You'd create users and groups through the web UI, > and roles and permissions during app design. I don't understand what added benefit will groups achieve, a user can have multiple roles. A question for James: The README for user_engine says that Permission.synchronize_controllers [1] (or sync) method can be called from console to synchronize the permissions table. How does one calls this method from the console? Calling the `Permission.sync' method in the environments.rb throws an error. [1]Should it be synchronize_with_controllers? Because I didn't find the synchronize_controllers method. Thanks and Cheers. -- Surendra Singhi http://ssinghi.kreeti.com, http://www.kreeti.com Read the latest news at: http://news.kreeti.com _______________________________________________ engine-users mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org
