The default front controller works a bit different, it's basically just an example, iterates over some hobo models and displays collections for them.
I suggest looking at the generated default dryml for front. For further information on controller see http://hobocentral.net/docs/controllers/ On Sat, Dec 13, 2008 at 03:38:27PM +0100, roland oth wrote: > > Hi Kevin > > I agree with your approach to apply the permissions in a controller > and not have a record per > record decision when the page is renderered whether the record is > permitted to be shown to the user. > > So I am trying to tweak the front controller and apply the view > permissions there. The goal is > that the guest user sees none of the records. The records become > available once logged it. > > In the generated front controller I get this statement. > > def index;end > > I tried to tweak this to see how this index method works and where the > stuff is happening under the hobo hood . > I replaced the method with: > > def index > @locations = Location.find :last > end > > But I still got 6 Locations rendered. > > I took the abovementioned method and put it in the Locations > controller. -> Also no change to the front page. > > What place does one go to, to tweak the front controller? > > Thnx Roland > > > Am 13.12.2008 um 03:53 schrieb kevinpfromnm: > > > > > In addition to lessening the memory load, changing the find conditions > > in the controller keeps the pagination information correct. Even if > > can_view was working properly, you'd get pages with less than the per > > page count as certain items got filtered out. Sometimes even blank > > pages depending on how frequently the view permission was denied. > > > > On Dec 12, 10:25 am, Hobo_Fan <[email protected]> wrote: > >> Hi rolando , > >> > >> I found a good write out written by larryk on hobocentral in regards > >> of viewable_by? and updateable_by? methods. You might want to take a > >> look. > >> > >> http://hobocentral.net/forum/viewtopic.php? > >> p=5108&sid=eca9b87ea696a74... > >> > >> Unfortunately, I was not able to understand it and do not how to > >> implement it with my app. > >> > >> But I was able to allow user who logged in to see certain fields, for > >> example: > >> > >> <aside:> > >> <h2>Licensing Info</h2> > >> <% for license in @product.licenses %> > >> <ul> > >> <li> > >> License Key: <%= license.key if logged_in? %> > >> <br/>Client: <%= h(license.client.last_name) if ! > >> license.client.nil? %> > >> </li> > >> </ul> > >> <% end %> > >> <br/> > >> <p><a to="&License" action="new">Add New License</a></p> > >> </aside:> > >> > >> Let me know if you figure out how to use the viewable_by method. > >> > >> Thanks, > >> Sean > >> > >> On Dec 12, 2:15 am, solars <[email protected]> wrote: > >> > >>> On Fri, Dec 12, 2008 at 10:09:14AM +0000, James Garlick wrote: > >> > >>>> I think you'd be better off constraining the collection in the > >>>> controller based on the status of the user rather than using the > >>>> permission system. Otherwise you'll be retrieving a whole load of > >>>> unnecessary data from the database which isn't very efficient. > >> > >>> Yeah that would be smarter anyway, I guess that's the reason Tom > >>> only included the can_view? check in the (default) collection tag. > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Hobo Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/hobousers?hl=en -~----------~----~----~----~------~----~------~--~---
