Hi nick !
We have been doing exactly that with zena for years (public visitor =
anonymous login). I think your use case could be very interesting to try
with the new zena as gem:
1. single login system
2. in all your current controllers
before_filter :check_visitor_rights
def check_visitor_rights
unless visitor.group_ids.include?(INTRANET_ID) raise
ActiveRecord::RecordMissing
end
3. You create some bridges between the public (zena) site to your
intranet by creating "Proxy" models
class Client< Contact
zafu_context :inventory => ["Product"], :orders => ["Order"]
def orders
return nil unless client_id = version.dyn['client_id']
res = Order.find(:all, :conditions => ['client_id = ?', client_id])
res == [] ? nil : res
end
end
NB: "Contact" is a native class in Zena.
4. Declare what can be seen from you existing "Order" class:
class Order
include RubyLess::SafeClass
safe_method :created_at => Time, :shipping_date => Time, :shipped =>
Boolean, :description => String
end
5. In the templates for the site, you can customize the look of the site
everywhere depending on the visitor or just the visitor's "own" page:
----- Client.zafu
<r:include template='Node'> <!-- render mostly like a normal Node -->
<r:with part='main'> <!-- change content in 'main' DOM id -->
<ul do='orders'>
<li do='each'><r:if test='shipped'>Order shipped on <span
do='shipping_date' format='%d %b %Y'/><r:else>Order shipping due on
<span do='shipping_date' format='%d %b %Y'/></r:else></r:if></li>
</ul>
</r:with>
</r:include>
Final note: this has not been done before because zena needed to mature.
Now that it's a "config.gem" away, it would be a very interesting use
case and I'd be very happy to help make this real. From what I see right
now, there might be some name clashing and we might need to move all
zena models into Zena:: scope (that would be a good thing anyway).
Let me know what you think.
Gaspard
PS: zena's website http://zenadmin.org
> Hello, everyone!
>
> I was wondering if somebody has some insight on this issue.
>
> [h]A little background:[/h]
> I work for a midsize electronic manufacturing company with 2 people in
> IT dept - a network admin and a developer (me).
>
> We've been using rails to migrate from an old dBase and VB based system
> to build internal company IntrAnet that does things like label printing,
> invetory control, shipping, etc.
>
> [h]The Dilemma[/h]
> Right now we need to replace an old website that was done in Java, that
> would connect to our internal system for out clients to use. We want to
> be able to pull information like live inventory, order placement,
> account statements.
>
> [h]Actual Question[/h]
> Does anyone have any suggestion on how to accomplish this in a better
> way?
>
> Here are three options that I see:
> a) Build a separate Rails app on a web server, that will connect to the
> [b]same[/b] DB that our internal app connects to.
> +++ Pluses:
> Live data - same thing that our internal apps see, i.e.
> orders are created in real time, inventory is depleted right away,
> --- Minuses:
> Potential security risk, duplication of code - i.e. I need to
> duplicate all the controllers, models, views, etc. that deal with
> orders.
> b) Build a separate Rails app on a web server, that will connect to [b]a
> different[/b] DB from our internal app.
> +++ Pluses:
> Less security exposure.
> --- Minuses:
> Extra effort to sync web DB and internal DB, extra code to
> handle inventory depletion and order # creationg ,duplication of code -
> i.e. I need to duplicate all the controllers, models, views, etc. that
> deal with orders.
>
> c) Expose internal app to the web
> +++ Pluses:
> all the problems from above eliminated
> --- Minuses:
> A lot more security headaches. Duplication of login systems -
> one for web - one for internal users using LDAP.
>
> So any thoughts? Anyone had similar problem to solve?
--
Posted via http://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
