search

kristianmandrup / cantango

CanCan extension with role oriented permission management, rules caching and much more
MIT License
404 stars 45 forks source link

Integration with Active Admin #9

Closed prognostikos closed 13 years ago

prognostikos commented 13 years ago

You write on the wiki that integration with Active Admin is pending.

I am willing to help/take the lead on this.

Do you have a spec or a wishlist for how it should work?

kristianmandrup commented 13 years ago

For Active Admin it would make good sense to use the CanTango Attribute Permission API. Having attribute permissions defined would mean that the display of a model in admin mode would only display the columns for the attributes which the current admin user has permission to access.

The Attribute Permission API even lets you define if the user has :read or :edit access to an attribute. This would allow the admin interface to disable any editing buttons for the given attribute with only :read access. In short: Even more fine grained admin control!

https://github.com/kristianmandrup/cantango/wiki/Attribute-permission-api

The idea is to display each column of a model in the correct mode depending on whether the current user (fx admin?) has the permission to edit or read that particular attribute, using the Attribute-permission-api.

Also, when displaying all the instances of a particular model, we could use a user_can? or can? or whatever to determine what kind of actions should be made available to the admin for acting on that object.

Would be nice with a small demo app that demonstrates this integration. That's all I can think of now. Not much of an expert on ActiveAdmin. Your thoughts/ideas?

kristianmandrup commented 13 years ago

Oh, and thanks for being willing to contribute :) Much appreciated!

prognostikos commented 13 years ago

I think you're right that the best way to proceed would be to write a sample application that shows how to use cantango with Active Admin. The more I investigate both projects the more I think that it can be done without modifying either. A sample app should prove or disprove that assumption.

The following issue & wiki page give some background regarding CanCan and should be useful for this issue as well:

https://github.com/gregbell/active_admin/issues/72 https://github.com/gregbell/active_admin/wiki/How-to-work-with-cancan

kristianmandrup commented 13 years ago

Thanks, I have been looking at all the ideas/suggestions and code snippets from the comments at issue #72 and tried to integrate it into my _cantangodemo app.