If a set of users all need to see the same chunk of HTML, they should share the same role. Importantly, though, bear in mind that users can have MANY roles. So define your roles in a sensible way which reflects the fine granularity of what information they should/should not see, and use these presence/absence of those fine-grained roles in your conditional statements.
- james On 3/29/06, Piotr Usewicz <[EMAIL PROTECTED]> wrote: > Jonathan Bloch napisaĆ(a): > > Sure... a hack of sorts. Just make some permissions for "fake" > > controllers & actions (that need not exist/do anything useful). Then > > assign these permissions to the roles you want and use the authorized? > > method. This gives arbitrarily fine-grained control: > > > > <% if authorized?(:controller =>'htmlacesscheck' :action => > > 'thisbitofhtml') %> > > <!-- Private HTML --> > > <% end %> > > > > > > > > Oh thanks. But it's nasty! ;] > > Peter > > _______________________________________________ > engine-users mailing list > [email protected] > http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org > -- * J * ~ _______________________________________________ engine-users mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org
