you can use a layout partial http://railscasts.com/episodes/99-complex-partials
2010/9/8 Sebastião Giacheto F. Júnior <[email protected]> > Sorry, My controller actions are already restricted based on the user > type (I use authlogic). I'm not restricting anything on the view. It's > not possible to do something as a normal user, even if the links/forms > were there. I just wan't to render the view differently for each one, > but keeping things more DRY (since the list is almost about the same > for each user) and without ugly conditional statements. > > But sorry, I was warned to post this kind of doubt on the other mail > list: 'rails-talk', not here. Newbie behavior :D > Thanks for the answer. > > On Wed, Sep 8, 2010 at 11:54 AM, radhames brito <[email protected]> wrote: > > bad solution, rendering or not the link doesnot hide th action, that > means > > with a tool like curl a user can trigger the delete or just writing the > link > > in the browser and changing the method, use an authorization gem , read > > about cancan, > > > > http://railscasts.com/episodes/192-authorization-with-cancan > > > > whe you have is an authorization problem. > > > > 2010/9/7 Sebastião Giacheto F. Júnior <[email protected]> > >> > >> Hi, > >> I have a simple partial, just a file list. > >> > >> The list is exactly the same for those who have permission to change > >> it, and those who just can see it. > >> > >> The best way to keep things DRY, I think, is doing some kind of shared > >> partial. No problem so far. > >> > >> But what about the specific actions (new/edit/delete)? Scattering some > >> conditional statements seems very very uglier, and even more difficult > >> to maintain, than separate views. So I came up with another solution: > >> putting some yield statements on the code. Something like, "yield > >> :delete" for example. Than I render a partial that contains only the > >> user specific things, and put the content_for's that are appropriated. > >> > >> But I think that can be even a prettier solution. So I'm asking you guys > >> :D > >> Sorry, if this is a newbie question, I'm new to rails, and concerned > >> about doing things the best way possible. > >> > >> Thanks in advance > >> -- > >> Sebastião G. Ferreira Júnior > >> "How much trust is too much trust? Should you even trust?" > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups > >> "Ruby on Rails: Core" group. > >> To post to this group, send email to [email protected]. > >> To unsubscribe from this group, send email to > >> [email protected]<rubyonrails-core%[email protected]> > . > >> For more options, visit this group at > >> http://groups.google.com/group/rubyonrails-core?hl=en. > >> > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Ruby on Rails: Core" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]<rubyonrails-core%[email protected]> > . > > For more options, visit this group at > > http://groups.google.com/group/rubyonrails-core?hl=en. > > > > > > -- > Sebastião G. Ferreira Júnior > "How much trust is too much trust? Should you even trust?" > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Core" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<rubyonrails-core%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/rubyonrails-core?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
