Asp Forum
Home
|
Login
|
Register
|
Search
Forums
>
comp.lang.ruby
ACL System similar to phpGACL?
Scott
4/10/2006 4:44:00 AM
I'm going to need a system to manage a hierarchy of users (possibly
tens-of-thousands). Certain users will be able to see all of the child
users for their organization, as well as edit entities associated with
their organization. It seems to me that a generic ACL system similar
to phpGACL (
http://phpgacl.source...
) would work very well for
me in this situation, but I havent found anything similar for RoR. Can
anyone point me in the right direction, or offer any suggestions?
Right now, my propsed "solution" is to "borrow" some techniques from
phpGACL and write a similar system in Ruby, but I'd really love to not
have to do that :)
Thanks,
Scott
2 Answers
Codemonk
4/10/2006 9:12:00 PM
0
It doesn't get any easier or manageable than
http://wiki.rubyonrails.org/rails/pages/AccessControlListExample/v...
Someone else posted this link today in another post, but it seems
perfect for what you need.
Scott
4/12/2006 12:16:00 AM
0
Yea, I saw that, but it doesnt provide a way (other than adding
view/edit permissions for each entity) to allow/deny access to specific
entities. For example, say I have a CRM app written in php. With
phpGACL, I would be able to build groups to contain Access Request
Objects (which would be users of the system), such as Administrators,
Clients, etc. Administrators would have access to everything in the
system, including access to add/update/delete clients. If a client
logged in, they should only ever see data related to themself. Say the
client was looking at a ticket they entered, and changed the ticket
number in the URL. If the ticket references a client that is not them,
they shouldnt have access to see it. I suppose in this instance we
could just associate the ticket to a specific client, but it'd be nice
to be able to manage access to the ticket in a more generic fashion,
because there could be a case where there is a relationship between
clients, and they should be able to access either of their tickets, or
even share access to a single ticket in the system. With a generic ACL
system, that is entirely possible, but, without a permission for every
ticket in the system, impossible with the model proposed solution at
http://wiki.rubyonrails.org/rails/pages/AccessControlL...
.
Servizio di avviso nuovi messaggi
Ricevi direttamente nella tua mail i nuovi messaggi per
ACL System similar to phpGACL?
Inserendo la tua e-mail nella casella sotto, riceverai un avviso tramite posta elettronica ogni volta che il motore di ricerca troverà un nuovo messaggio per te
Il servizio è completamente GRATUITO!
x
Login to ForumsZone
Login with Google
Login with E-Mail & Password