Authorization #17
Authorization #17
Conversation
…into authorization * 'authorization' of https://github.com/alex-frost/freehub: re-add permit for now add manager_or_admin? Add person_id to visits CSV report Switch to using asalant/rails-authorization-plugin Fix bug where adding a tag did not show the full list of tags while in the edit state. Fix person name autocomplete - Array#toString change of behavior. Add baseline EngineYard CLI config file generated by 'ey init'
|
hi, are you still interested in this? I looked at the code I wrote and it was a bit ropey so I tidied it up a bit. |
|
Definitely still interested though probably going to be a bit before I can On Fri, Jan 2, 2015 at 12:10 PM, Nikolai notifications@github.com wrote:
|
| permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] | ||
|
|
||
| before_filter :authorize_admin_or_manager, :only => [ :show, :edit, :update ] | ||
| before_filter :authorize_admin, :only => [ :destory ] |
|
Hi @nikolai-b, I'm finally (years later!!) giving Freehub some love. This PR has been sitting for a while and I'm having trouble remembering why we were making these changes. Was it to remove the dependency on the authorization plugin or were there new features we wanted to support? Thanks! |
|
Hi @asalant I could only just remember: #14 (comment) |
|
Thanks! Upgrading rails will definitely make sense at some point. I’ll keep
this around in case it’s useful at the time.
…On Thu, Dec 5, 2019 at 12:17 AM Nikolai ***@***.***> wrote:
Hi @asalant <https://github.com/asalant>
I could only just remember: #14 (comment)
<#14 (comment)>
I think if you want to get rails to a higher version then owning the
authorization code will make it easier. If you've no plans to bump rails
then this doesn't help much 😄
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#17?email_source=notifications&email_token=AAA3BOGIOPHWP4Q24K5QA4LQXC2JVA5CNFSM4AOH4JIKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEF74GZQ#issuecomment-562021222>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA3BOALK7BXVBVFWPICYDDQXC2JVANCNFSM4AOH4JIA>
.
|
Turned out to be a bit more work than we expected but a long train ride later and it looks ok. I'll have a play around in dev soon but the tests pass.
In the users_controller I removed the 'owner' role and replaced with 'manager'. Not sure what the roles table looks like in prod so maybe we should add some methods for 'authorize_owner'.
Cheers!