What would you like to be able to do? Can you provide some examples?
I want to customize the navigation links in a way that let's me change which links are available to different types of users.
Context: I am trying to use Administrate for myself, the true "admin" of the site, but also allow end users to manage some of their own resources. For example, it is useful for me to have access to the Users link / dashboard with access to all users. But the end users are not authorized to read or write that model at all, so it would be great if I could hide that link from them entirely.
How could we go about implementing that?
I am still getting to know this tool, so I can only speak in generalities. It seems that the dashboard links are inferred from routes. This is clever, but routing has very little access to context. So maybe a new controller method could be implemented that implementors could override the customize the default routing behavior...
# users dashboard controller
def include_dashboard_link?
return current_user.is_admin?
end
Can you think of other approaches to the problem?
Maybe there's an elegant way to let Pundit solve the problem? We wouldn't necessarily want to couple access to the resource with appearance of the link. For example, we still want users to be able to reset their own password, even if they can't edit user record(s) in admin. So maybe an additional method could be added to the policy class?
# hypothetical policy class
def dashboard?
return current_user.is_admin?
end
Thanks for this great gem...
What would you like to be able to do? Can you provide some examples?
I want to customize the navigation links in a way that let's me change which links are available to different types of users.
Context: I am trying to use Administrate for myself, the true "admin" of the site, but also allow end users to manage some of their own resources. For example, it is useful for me to have access to the
Userslink / dashboard with access to all users. But the end users are not authorized to read or write that model at all, so it would be great if I could hide that link from them entirely.How could we go about implementing that?
I am still getting to know this tool, so I can only speak in generalities. It seems that the dashboard links are inferred from routes. This is clever, but routing has very little access to context. So maybe a new controller method could be implemented that implementors could override the customize the default routing behavior...
Can you think of other approaches to the problem?
Maybe there's an elegant way to let Pundit solve the problem? We wouldn't necessarily want to couple access to the resource with appearance of the link. For example, we still want users to be able to reset their own password, even if they can't edit user record(s) in admin. So maybe an additional method could be added to the policy class?