search

inossidabile / protector

Comfortable (seriously) white-list security restrictions for models on a field level
MIT License
270 stars 31 forks source link

inheritance #8

Closed cj closed 11 years ago

cj commented 11 years ago

Hi,

So I figured out what the issue with https://github.com/inossidabile/protector/issues/6#issuecomment-20559375 was. I have a folder structure like:

apps
+-- models
| \
|  +-- conerns
|  +-- permissions
|   \ 
|    | base_permissions.rb
|    | signing_note_permissions.rb
|  /
|  signing_note_user.rb

With this contents: https://gist.github.com/cj/bd62946c9d24f9a17cbb

If you remove these two lines (which fixed the issue) https://gist.github.com/cj/bd62946c9d24f9a17cbb#file-signing_note_permissions-rb-L13-L14 you'll get the error undefined methodwhere' for false:FalseClass. Shouldprotectalways returnscoped` to avoid this?

What would you suggest to be the best way to inherit from a set of base permissions?

inossidabile commented 11 years ago

No it should not. It is a bag. It should return true unless you scoped entity. Will fix it.

The best way is to go with a module. You can have several protect calls in your model. So move everything common to a module, include it, then extend with another protect.

cj commented 11 years ago

Thank you for being so quick to respond. That update fixed it :)

So doing it the way I currently am is the best way, got it! Thank you again!