Hi ppl,
If you are using Authorization plugin (http://www.writertopia.com/developers/authorization) you can easily extend your ApplicationHelper with all benefits of authorization plugin.
Perhaps we have user "doomer" logged in, who have two roles > "tester" and "translator"
So regularly in some controller/action we can do:
current_user.has_role?("tester") // true
or
current_user.has_role?("admin") // false
and so on.
This is very nice usage of authorization stuff ! A big respect to billkatz and glenn.rempe.
However we want to ease usage of current....("admin") queries
We can do the following:
in application_helper
those methods will return true or false depends on user permission, but if we have 5+ roles ? +10 ? let me say its very dirty and wet way..
module ApplicationHelper
def tester?
current_user.has_role?("tester")
end
def admin?
current_user.has_role?("admin")
end
end
So lets do it:
open application.rb
def assign_roles
for role in Role.find(:all, :select => "name", :group => "name")
logged_in? ? r = current_user.has_role?(role.name) : r = false
c = "def #{role.name}?() #{r} end"
ApplicationHelper.module_eval(c)
logger.info "PARSED ROLE #{role.name}"
end
end
And for the last, put before_filter :assign_roles in begin of application.rb
Thats it !!
Okay what we did here ? >>
1. return if current_user isnt logged in (plugin method)
2. find all roles & create local r with true/false, depends on permission
3. create def code for ApplicationHelper and eval it.
We created exactly the same as above sample but much more dynamic & DRY !!
Thats all, have a fun usage !!!
p.s. an authorization plugin usage/download available here:
http://www.writertopia.com/developers/authorization
or from GIT:
http://github.com/DocSavage/rails-authorization-plugin/tree/master
ADDON--
If you want those helper methods to be available to controllers(because you CANT call helper method from controller) just add:
ApplicationController.module_eval(c)
under ApplicationHelper.module_eval(c)
This will create application controller methods (def admin? false end)