Iøm trying to figure out how to properly set the permissions of a rich
has_many relationship that contains a hobo lifecycle.
It should function like this. I have an event which has a number of
attendees (event_attendees).. There attendees can have different
lifecycle states (:available, :volunteer, :manager).
The users also have a state assigned to them. Throughout the whole
application its ment administrators (User.administrator? and users
with a :manager state should be allowed to create and change things..
So i need to set up permissions to allow for some users to create and
update the lifecycles. Only administrators and users already assigned
to an event as manager should be able to create and control the
lifecycles.
Here are the important parts of the models:
class Event < ActiveRecord::Base
has_many :event_attendees, :dependent => :destroy
has_many :attendees, :through => :event_attendees, :accessible =>
true, :source => :user, :scope => :activated
end
class EventAttendee < ActiveRecord::Base
belongs_to :event
belongs_to :user
lifecycle do
state :available
state :volunteer
state :manager
create :add_available, :available_to =>
"acting_user.administrator", :params => [:event, :user], :become
=> :available
create :add_volunteer, :available_to =>
"User.administrator", :params => [:event, :user], :become
=> :volunteer
create :add_manager, :available_to =>
"User.administrator", :params => [:event, :user], :become => :manager
transition :available, { [:volunteer, :manager]
=> :available }, :available_to => "acting_user.administrator?"
transition :volunteer, { [:available, :manager]
=> :volunteer }, :available_to => "acting_user.administrator?"
transition :manage, { [:available, :volunteer]
=> :manager }, :available_to => "acting_user.administrator?"
end
end
Can i "just" set the normal permissions for the EventAttendee so that
only administrators or users already assigned as managers can create
and update (does these permissions effect the lifecycle permissions at
all) (and how do i search out if the acting_user is actually has an
event_attendee with :manager state assigned to it?)
Or do i have to set the permissions in the :available_to in the
transision itself..?
Sorry for all the questions mixed together, but its kind of confusing
that the "normal" and lifecycle permissions are not declared in the
same way (and the use of acting_user in lifecycle permissions its not
quite clear also).
Looking forward to a bunch of helpfull info.. :)
--
You received this message because you are subscribed to the Google Groups "Hobo
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/hobousers?hl=en.
