Tony Perrie wrote: > I'd argue that we should just use finder methods and named_scopes in > the AR models rather than reinvent the wheel. > > Tony
earlier you said: >> Maybe I'm misunderstanding the context, but why not just secure your >> model through the has-many association? It's the most basic security >> idiom and is built-in. > I suggested this to my team lead originally. However, in our app > there are a lot of models, and multiple tiers of access. So, it's a > minor headache for us to manually secure everything that way. But, > you're right, associations and lambda'd named_scopes are the least > surprising way to accomplish this. Minor headache is not a good excuse. You'll only have to write that sort of code once, and then copy it around to your other controllers. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
