On September 26, 2011 10:49:22 PM Mike wrote:
> Hi all,
>
> This is probably a silly issue, but I can't seem to find a way to
> search for the answer.
>
> I'm setting the def view_permitted?(field) on a custom object that
> belongs to a user with three possible conditions:
>
> def view_permitted?(field)
>
> owner_is? acting_user ||
> acting_user.administrator? ||
> acting_user.super?
>
This statement is interpretted as:
owner_is?(acting_user || acting_user.administrator? ||
acting_user.super?)
because || binds tighter than method call.
It further reduces to
owner_is?(acting_user)
because if acting_user is true, then it will never evaluate the rest.
The solution is
owner_is(acting_user) ||
...
> logger.info "OK"
>
The always returns true, so I believe that you are testing an administrator or
super, and not the owning user.
Hope this helps,
Henry
> end
>
> When I add any logger line in, everything works fine - if I comment
> that out, or remove it, then I get a permission denied error.
>
> def super? is defined for the user model, and so is the owner
> relationship. Truly, everything works fine if I leave a logging
> message in....any ideas?
>
> Thanks,
>
> Mike
--
Henry Baragar
Instantiated Software
--
You received this message because you are subscribed to the Google Groups "Hobo
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/hobousers?hl=en.
