Very interesting! Looking forward to seeing the final product.
Sean
Paul Hoehne wrote:
> Thanks, Sean:
>
> It looks like this works. I'll push the rest of the extension into
> our public SVN when I get it ironed out.
>
>
> def activate
> admin.tabs.add "Rbac Base", "/admin/rbac", :after =>
> "Layouts", :visibility => [:admin]
> User.send :has_and_belongs_to_many, :roles
> User.send :include, RbacSupport
> end
>
>
> module RbacSupport
>
> all_roles = Role.find(:all)
>
> all_roles.each do | possible_role |
> define_method("#{possible_role.role_name.underscore}?") do
> if @my_roles == nil
> @my_roles = Hash.new
> roles.each do | role |
> @my_roles["#{role.role_name.underscore}"] = true
> end
> end
> @my_roles["#{possible_role.role_name.underscore}"] || admin?
> end
> end
> end
>
>
> On Aug 21, 2007, at 9:51 AM, Sean Cribbs wrote:
>
>
>> Paul,
>>
>> It should be easy to add a new role(s) for this if you have only
>> role-specific permissions and nothing more granular than that. Just
>> create an extension that modifies the User model (in the database
>> and in
>> the code), providing methods in the manner of "finance?" or
>> "public_relations?" that test whether a given user has that role.
>> Then
>> your other interfaces/extensions can add restrictions on those tabs
>> easily.
>>
>> Sean
>>
>> Paul Hoehne wrote:
>>
>>> A question of philosophy
>>>
>>> Currently, we're looking at extending radiant for a client whose
>>> primary need is content. However, they also need some other tools
>>> specific to not-for-profits. Ideally it would be great to deliver
>>> everything in one interface. (Content management and applications).
>>> The applications would live inside the admin interface for radiant,
>>> utilizing Radiant's login and user-management system. Where we've
>>> started is with an extension to manage roles and users assigned to
>>> those roles. What we're trying to extend now is the process of
>>> displaying tabs for users. For example, only people in the "finance"
>>> role should see the tab in the admin interface for finance related
>>> reports, receipts from web donations, etc.
>>>
>>> For example, the following code from admin_ui.rb appears to be
>>> responsible for making the decision to display tabs for users. It
>>> would be nice to extend the user to read all the available roles in
>>> our roles table to provide "#{role}?" methods for the available
>>> roles.
>>>
>>> def shown_for?(user)
>>> visibility.include?(:all) or visibility.any? { |role| user.send
>>> ("#{role}?") }
>>> end
>>>
>>> As we look through the code it might not be possible to do everything
>>> we would like from extensions. Would there be interest in the
>>> community in re-visiting the user roles to provide for a more
>>> flexible roles system?
>>>
>>> Paul
>>>
>>>
>>>
>>> _______________________________________________
>>> Radiant mailing list
>>> Post: [email protected]
>>> Search: http://radiantcms.org/mailing-list/search/
>>> Site: http://lists.radiantcms.org/mailman/listinfo/radiant
>>>
>>>
>>>
>> _______________________________________________
>> Radiant mailing list
>> Post: [email protected]
>> Search: http://radiantcms.org/mailing-list/search/
>> Site: http://lists.radiantcms.org/mailman/listinfo/radiant
>>
>
> _______________________________________________
> Radiant mailing list
> Post: [email protected]
> Search: http://radiantcms.org/mailing-list/search/
> Site: http://lists.radiantcms.org/mailman/listinfo/radiant
>
>
_______________________________________________
Radiant mailing list
Post: [email protected]
Search: http://radiantcms.org/mailing-list/search/
Site: http://lists.radiantcms.org/mailman/listinfo/radiant
