This would make a good recipe to publish in the cookbook... -Owen
On Tue, May 10, 2011 at 7:12 PM, jarad <[email protected]> wrote: > "users.contains?(acting_user)" threw the following error "Invalid > source reflection macro :has_many :through for has_many..." > > After a little searching, I found the "nested_has_many_through" gem. > This gem along with "acting_user.in?(users)" in the update and view > methods did the trick. > > On May 10, 4:44 pm, Tiago Franco <[email protected]> wrote: > > Hi, > > > > According to my calculations, you should have > > "users.contains?(acting_user)" in the update and view methods. > > > > Please remove acting_user.in(reviews) from the view. And > > acting_user.reviewer? from the update. > > > > Thanks, > > TF > > > > On 10/5/11 9:36 PM, jarad wrote: > > > > > > > > > > > > > > > > > I have to say I am a big fan of hobo and love what it can do but I > > > have run into a few snags here and there, one is the permissions > > > system. > > > > > I would like to limit the view and update permissions for the Program > > > model below to only allow users assigned to a review of the program. I > > > can't find much documentation as to how this could be done and I have > > > tried everything I can think of. Any help would be greatly > > > appreciated. > > > > > class Program< ActiveRecord::Base > > > has_many :reviews > > > has_many :users, :through => :reviews > > > > > # --- Permissions --- # > > > def create_permitted? > > > acting_user.administrator? || acting_user.signed_up? > > > end > > > def update_permitted? > > > # limits to the creator, admins, and reviewers (boolean in user > > > model) > > > acting_user.administrator? || acting_user.reviewer? || owner_is? > > > (acting_user) > > > end > > > def destroy_permitted? > > > acting_user.administrator? || owner_is?(acting_user) > > > end > > > def view_permitted?(field) > > > # One of my attempts that isn't doing what I want > > > acting_user.administrator? || acting_user.in?(reviews) || > owner_is? > > > (acting_user) > > > end > > > end > > > > > class Review< ActiveRecord::Base > > > belongs_to :program > > > has_many :review_assignments, :dependent => :destroy > > > has_many :users, :through => :review_assignments, :accessible => > > > true > > > > > class ReviewAssignment< ActiveRecord::Base > > > belongs_to :user > > > belongs_to :review > > -- > You received this message because you are subscribed to the Google Groups > "Hobo Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/hobousers?hl=en. > > -- Owen Dall, Chief Systems Architect Barquin International www.barquin.com Cell: 410-991-0811 -- You received this message because you are subscribed to the Google Groups "Hobo Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/hobousers?hl=en.
