> I must say, I really like Hobo's new permission system. That said,
> I don't find the following very readable...
>
> def update_permitted?
> return false unless owner_is? acting_user
> none_changed? :address, :city, :zipcode
> end
Not readable? What do you want man, natural language?? : )
You can also use attr_protected and attr_readonly, e.g.
attr_readonly :address, :city, :zipcode
In general, the permission method only needs to be concerned with
stuff that changes according to the current user and stuff in the
database. For fields that are *always* protected, use attr_protected/
attr_accessible/attr_readonly.
I really like this idea:
> What about putting the permissions into the field declaration itself?
>
> fields do
> address :string, :except => :update
> city :string, :except => :update
> zipcode :string, :except => :update
> end
Except I think it should be a shorthand for protected / accessible /
readonly.
e.g.
address :string, :readonly
You could give :readonly, :protected or :accessible.
It would be an error to use both :accessible and :protected on the
same model (just as it is to use both attr_protected and
attr_accessible on the same model)
Like?
Tom
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Hobo
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/hobousers?hl=en
-~----------~----~----~----~------~----~------~--~---
