Sure... a hack of sorts. Just make some permissions for "fake"
controllers & actions (that need not exist/do anything useful). Then
assign these permissions to the roles you want and use the authorized?
method. This gives arbitrarily fine-grained control:
<% if authorized?(:controller =>'htmlacesscheck' :action =>
'thisbitofhtml') %>
<!-- Private HTML -->
<% end %>
Piotr Usewicz wrote:
>> Yeah, I have figured it out. But still, it won't work as expected.
>
> My application shall grant access to 'our' users, and our client's
> users.
>
> So our users arent assigned to Client roles, but instead like Helpdesk
> Users or whatever.
>
> Here, if a certain user (or admin) arent assigned Client Manager role
> won't see the block aswell... Which is not the way it should be.
>
> Any solution? :)
>
> Peter
--
Posted via http://www.ruby-forum.com/.
_______________________________________________
engine-users mailing list
[email protected]
http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org
