On Mon, May 24, 2010 at 10:27 AM, paulo <[email protected]> wrote:
> Hi folks,
>
> Hopefully this is just me being daft, but have been struggling to
> chain permission checks through models.
> I have a 'branch' model which has_many 'contacts'.
>
> I have a block of code within my branch 'view_permitted?' function
> which works fine, but I now would like to limit my contacts, based on
> if the user has access to their branch.
>
> I figure that this should be pretty easy, so far i've tried various
> versions of the following in my view_permitted? function in the
> contacts model:
>
> def view_permitted?(field)
> return true if branch.view_permitted?('name')
> false
> end

The problem is that acting_user isn't threaded along when you make
this call. Try this:

branch.viewable_by?(acting_user, :name)

which will correctly pass acting_user along to the permission method.

--Matt Jones

-- 
You received this message because you are subscribed to the Google Groups "Hobo 
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/hobousers?hl=en.

Reply via email to