Menu
Is there a way to declare attr_accessible for multiple roles without a ton of duplication?
If I have several user roles, and each role is allowed to edit a different subset of attributes, here's what my attr_accessible declaration looks like:
attr_accessible :first_name, :last_name, :active, :as => :admin
attr_accessible :first_name, :last_name, :as => :manager
attr_accessible :first_name, :last_name, :as => :guest
I'd like to either
Is this possible?
379
I just spent a long time trying to figure out the best way to do this. It seemed strange that the rails folk would expect you to duplicate a whole bunch of code!
After some digging around in the rails source, it turns out you can simply pass an array to assign attributes to multiple roles at once (:default being the default Active Record role)
attr_accessible :name, :email, :as => [ :default, :admin ]
attr_accessible :featured, :as => :admin
No messy ruby arrays in your model!
130
All ruby code is still just ruby code... and is thus infinitely hackable. eg
ROLES = [:admin, :manager, :support, :user, :guest]
ACTIVE_ROLES = [:admin, :support]
ROLES.each do |role|
fields = [:first_name, :last_name]
fields += [:active] if ACTIVE_ROLES.include?(role)
attr_accessible *fields, :as => role
end
Did you try something like:
COMMON_FIELDS = [:first_name, :last_name]
attr_accessible COMMON_FIELDS | [:active, :as => :admin]
attr_accessible COMMON_FIELDS | [:as => :manager]
attr_accessible COMMON_FIELDS | [:as => :guest]
Another possible way (untested):
attr_accessible :first_name, :last_name
ADMIN_ACCESSIBLE = [:active]
MANAGER_ACCESSIBLE = []
GUEST_ACCESSIBLE = []
protected
def mass_assignment_authorizer
if role == :all
self.class.protected_attributes
else
super + (eval("#{role}_accessible".upcase) || [])
end
end
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
