Done On May 10, 7:21 pm, Owen Dall <[email protected]> wrote: > This would make a good recipe to publish in the cookbook... > > -Owen > > > > > > > > > > On Tue, May 10, 2011 at 7:12 PM, jarad <[email protected]> wrote: > > "users.contains?(acting_user)" threw the following error "Invalid > > source reflection macro :has_many :through for has_many..." > > > After a little searching, I found the "nested_has_many_through" gem. > > This gem along with "acting_user.in?(users)" in the update and view > > methods did the trick. > > > On May 10, 4:44 pm, Tiago Franco <[email protected]> wrote: > > > Hi, > > > > According to my calculations, you should have > > > "users.contains?(acting_user)" in the update and view methods. > > > > Please remove acting_user.in(reviews) from the view. And > > > acting_user.reviewer? from the update. > > > > Thanks, > > > TF > > > > On 10/5/11 9:36 PM, jarad wrote: > > > > > I have to say I am a big fan of hobo and love what it can do but I > > > > have run into a few snags here and there, one is the permissions > > > > system. > > > > > I would like to limit the view and update permissions for the Program > > > > model below to only allow users assigned to a review of the program. I > > > > can't find much documentation as to how this could be done and I have > > > > tried everything I can think of. Any help would be greatly > > > > appreciated. > > > > > class Program< ActiveRecord::Base > > > > has_many :reviews > > > > has_many :users, :through => :reviews > > > > > # --- Permissions --- # > > > > def create_permitted? > > > > acting_user.administrator? || acting_user.signed_up? > > > > end > > > > def update_permitted? > > > > # limits to the creator, admins, and reviewers (boolean in user > > > > model) > > > > acting_user.administrator? || acting_user.reviewer? || owner_is? > > > > (acting_user) > > > > end > > > > def destroy_permitted? > > > > acting_user.administrator? || owner_is?(acting_user) > > > > end > > > > def view_permitted?(field) > > > > # One of my attempts that isn't doing what I want > > > > acting_user.administrator? || acting_user.in?(reviews) || > > owner_is? > > > > (acting_user) > > > > end > > > > end > > > > > class Review< ActiveRecord::Base > > > > belongs_to :program > > > > has_many :review_assignments, :dependent => :destroy > > > > has_many :users, :through => :review_assignments, :accessible => > > > > true > > > > > class ReviewAssignment< ActiveRecord::Base > > > > belongs_to :user > > > > belongs_to :review > > > -- > > You received this message because you are subscribed to the Google Groups > > "Hobo Users" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > >http://groups.google.com/group/hobousers?hl=en. > > -- > Owen Dall, Chief Systems Architect > Barquin Internationalwww.barquin.com > Cell: 410-991-0811
-- You received this message because you are subscribed to the Google Groups "Hobo Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/hobousers?hl=en.
