On 20 Apr 2006, at 18:29, Kevin Olbrich wrote: > The simplest I can think of is to add a project_id column to the > permissions table.
That's interesting. Because I've specified it on the users_roles table. I'm thinking users have roles in projects. Your approach though... hmmmm... > Let it default to NULL, which means that if a > permission is set then it applies across all projects the user has > access to. The project_id could either be a real association to a > project, or just a yaml encoded list of valid projects. Project is < ActiveRecord::Base so making it a real association is sensible. > Then you need to override the authorization functions to use this > value > as well, so your calls might look like. > > link_if_authorized 'action', :controller=>'cont', :action=>'action', > :project=>proj.id Yeah, that's what I was thinking. > You would also need to set up the permission entries view to handle > multiple projects for assignment. This could get really messy, or you > could have an admin view on a per project basis. I'm thinking the latter. Where I got really stuck is that I'm trying to manage a 3-way HABTM relationship, so when I'm managing the roles a user has, I'm trying to @user.projects.roles.each do |role| ... which of course just doesn't work. I think I need to have a think about your suggestion but it might work - I suspect I'm going to end up back here again but with permissions rather than roles. I think when I have more time after this project is over, I'm going to extend UserEngine somewhat to provide this kind of functionality - I'm just confused about the best way to do it right now. :-) -- Paul Robinson _______________________________________________ engine-users mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org
