> Are there examples of projects that use this nesting stuff in the wild that > we could actually see the code to? I'd love to figure out what I'm missing > here, as I really feel like I'm not "getting" it. In the past, for security > purposes, I'd just have the user *own* everything by user_id and use that to > see if someone can actually use it.
But if you have a team of people who can access a project, then how can you use user_id? I'd expect almost all of the open source rails applications which do this kind of security will be following association proxies to implement their security. -- Cheers Koz --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
