[Rails] Design question - integrating light-weight authorization
Vincent Foley
vfoley at gmail.com
Wed Nov 24 14:24:39 GMT 2004
I don't know about the others, but I think the way I would do it would
be to have multiple views with a certain naming pattern. If you have
users and admins in your system, your mainmenu.rhtml could instead be
two files named admin_mainmenu.rhtml and user_mainmenu.rhtml and have
something in your controller like:
def index
render_file "#{user.klass}_mainmenu.rhtml"
end
Something like that? Just a suggestion.
Vincent.
On Tue, 23 Nov 2004 23:43:43 -0800, Chris Brooks <brookscl at gmail.com> wrote:
> This might be more of an MVC design pattern question than a
> Rails-specific question, but I'm sure someone out there will be
> willing to help out.
>
> I have a number of pages that should render differently based on the
> authentication state of the user (much of the content can be viewed
> even if unauthenticated) and the role of the user. Usually this means
> that certain edit fields / buttons won't be displayed if the user
> doesn't have privs to do so.
>
> I'm struggling with the right way to represent this. Should I be
> using a single view for these pages with conditional hiding of certain
> portions of the rendered page? Or should I be using different views
> for each class of user, with appropriate render calls from the
> controller?
>
> Thanks,
>
> --
> Chris Brooks
> http://www.chrisbrooks.org
> _______________________________________________
> Rails mailing list
> Rails at lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
--
Vincent Foley-Bourgon
Blog: http://www.livejournal.com/~gnuvince
RSS: http://www.livejournal.com/~gnuvince/data/rss
More information about the Rails
mailing list