Hello all, I hope everyone is having a pleasant festive period!
This is another one of my patented newbie posts, if one of the
enlightened few could sprinkle some of their magic on it I would be
most grateful!
In my continuing quest for Hobo knowledge I have been building a blog
to test things out.
I have come to terms with index.dryml the implicit context, and
defining custom dryml tags, my journey to a basic understanding of
Hobo is gathering speed! The latest chapter in this series of coding
mishaps is the permission system.
I have thought that once I finally get this behaving properly I should
turn it into a newbie recipe for building a blog in Hobo. It could be
like where they get you to make chocolate crispy cakes in home
economics at school because the teacher thinks if she lets you use the
oven you'll burn the school down.
I've been using Agility as a guide for my exploits, and I have to say
that I am for once mildly surprised that I have a problem. I thought I
understood what was going on with permissions fairly well. So without
further ado here is where I fell down:
I have two models "post" and "comment" with their relevant
controllers. I want only the administrator (me!) to be able to make
posts and anyone that is signed up to create, edit and destroy their
own comments. Standard blog behaviour you might say.
First I decide to tailor how comments are displayed in my app, so in
comments_controller.rb I add the lines:
auto_actions :all, :except => :index
auto_actions_for :post, [:new, :create]
then in the post model I add:
has_many :comments, :dependent => :destroy
I ammend comment.rb to include the lines:
belongs_to :post
belongs_to :owner, :class_name => "User", :creator => true
Again in the comment model I adjust the create edit and destroy
permissions to read:
def create_permitted?
owner == acting_user
end
def update_permitted?
acting_user.administrator? || acting_user == owner && !
owner_changed?
end
def destroy_permitted?
acting_user.administrator? || acting_user == owner
end
Then finally in user.rb I added the line:
has_many :comments, :class_name => "Comment", :foreign_key =>
"owner_id"
I run my hobo_migration and fire up the server.
Now all of this runs as expected, except for one thing. When creating
a new comment an "Owner" field with a drop down menu is present on the
form. This confuses me. In the Agility tutorial it states:
"One thing worth noting in the creatable_by? method. We assert that
owner == user. This is very often found in conjunction with :creator
=> true. Together, these mean that the current user can create their
own projects only, and the “Owner” form field will be automatically
removed from the new project form."
I think I have done this, and yet the "Owner" form field persists.
What am I missing?
As always many thanks for reading, and any help would be most
appreciated!
Ian.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Hobo
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/hobousers?hl=en
-~----------~----~----~----~------~----~------~--~---
