Menu
I've been having almost the same issues as Victor Martin (you can see the questions asked here).
I've got declarative authorization working for just about everything that doesn't involve using conditionals. E.g.
has_permission_on :users, :to => [:edit, :update, :destroy] do
if_attribute :user => is { current_user }
end
Are there any common pitfalls with Declarative Authorization? I'm using authlogic and I'm suspicious the 'current_user' method in the application controller might be the source of the problem.
777
Note that if you are using "filter_access_to" in your controllers, you need to make sure you have ":attribute_check => true". Without it, the conditional "if_attribute" declarations don't do anything.
More details about this in the Declarative Authorization docs
91
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
