Hello Carlos,
I am glad it worked for you. Access control is a fundamental
requirement along with authentication. Jim Neath's Bort which is
available on Github, packages Role Requirements written by Tim Harper
along with Restful Authentication for creating a baseline
application. Tim has done an excellent job of implementing a
"minimal" authorization plugin. I am using Bort to develop my own
toolkit for creating applications.
I looked at the article that you list above. It is very well written
and very nice to learn from. The key thing missing from it is that it
fails to deal with Roles and instead deals directly with users. I
think a minimal layer of roles between users and controllers is a key
requirement.
I am not saying that Role Requirement is the only plugin that
addresses it. It is just that it packaged with Bort which has other
key plugins in addition to Restful Authentication and Role
Requirements. Gets the job done.
So instead of saying session[:current_user].nil? you may want to say
[:current_user].has_role?('anonymous') for example. See the method
"has_role?" provided by Role Requirement? That is the key in my
opinion.
I may be wrong, but that is where I am going with this.
Hope this helps.
Bharat
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
