Search Results

Search found 3 results on 1 pages for 'irkeninvader'.

Page 1/1 | 1 

• Should I skip authorization, with CanCan, of an action that instantiates a resource?

  - by irkenInvader

  I am writing a web app to pick random lists of cards from larger, complete sets of cards. I have a Card model and a CardSet model. Both models have a full RESTful set of 7 actions (:index, :new, :show, etc). The CardSetsController has an extra action for creating random sets: :random. # app/models/card_set.rb class CardSet < ActiveRecord::Base belongs_to :creator, :class_name => "User" has_many :memberships has_many :cards, :through => :memberships # app/models/card.rb class Card < ActiveRecord::Base belongs_to :creator, :class_name => "User" has_many :memberships has_many :card_sets, :through => :memberships I have added Devise for authentication and CanCan for authorizations. I have users with an 'editor' role. Editors are allowed to create new CardSets. Guest users (Users who have not logged in) can only use the :index and :show actions. These authorizations are working as designed. Editors can currently use both the :random and the :new actions without any problems. Guest users, as expected, cannot. # app/controllers/card_sets_controller.rb class CardSetsController < ApplicationController before_filter :authenticate_user!, :except => [:show, :index] load_and_authorize_resource I want to allow guest users to use the :random action, but not the :new action. In other words, they can see new random sets, but not save them. The "Save" button on the :random action's view is hidden (as designed) from the guest users. The problem is, the first thing the :random action does is build a new instance of the CardSet model to fill out the view. When cancan tries to load_and_authorize_resource a new CardSet, it throws a CanCan::AccessDenied exception. Therefore, the view never loads and the guest user is served a "You need to sign in or sign up before continuing" message. # app/controllers/card_sets_controllers.rb def random @card_set = CardSet.new( :name => "New Set of 10", :set_type => "Set of 10" ) I realize that I can tell load_and_authorize_resource to skip the :random action by passing :except => :random to the call, but that just feels "wrong" for some reason. What's the "right" way to do this? Should I create the new random set without instantiating a new CardSet? Should I go ahead and add the exception?

  Read the article

• validate uniqueness amongst multiple subclasses with Single Table Inheritance

  - by irkenInvader

  I have a Card model that has many Sets and a Set model that has many Cards through a Membership model: class Card < ActiveRecord::Base has_many :memberships has_many :sets, :through => :memberships end class Membership < ActiveRecord::Base belongs_to :card belongs_to :set validates_uniqueness_of :card_id, :scope => :set_id end class Set < ActiveRecord::Base has_many :memberships has_many :cards, :through => :memberships validates_presence_of :cards end I also have some sub-classes of the above using Single Table Inheritance: class FooCard < Card end class BarCard < Card end and class Expansion < Set end class GameSet < Set validates_size_of :cards, :is => 10 end All of the above is working as I intend. What I'm trying to figure out is how to validate that a Card can only belong to a single Expansion. I want the following to be invalid: some_cards = FooCard.all( :limit => 25 ) first_expansion = Expansion.new second_expansion = Expansion.new first_expansion.cards = some_cards second_expansion.cards = some_cards first_expansion.save # Valid second_expansion.save # **Should be invalid** However, GameSets should allow this behavior: other_cards = FooCard.all( :limit => 10 ) first_set = GameSet.new second_set = GameSet.new first_set.cards = other_cards # Valid second_set.cards = other_cards # Also valid I'm guessing that a validates_uniqueness_of call is needed somewhere, but I'm not sure where to put it. Any suggestions? UPDATE 1 I modified the Expansion class as sugested: class Expansion < Set validate :validates_uniqueness_of_cards def validates_uniqueness_of_cards membership = Membership.find( :first, :include => :set, :conditions => [ "card_id IN (?) AND sets.type = ?", self.cards.map(&:id), "Expansion" ] ) errors.add_to_base("a Card can only belong to a single Expansion") unless membership.nil? end end This works when creating initial expansions to validate that no current expansions contain the cards. However, this (falsely) invalidates future updates to the expansion with new cards. In other words: old_exp = Expansion.find(1) old_exp.card_ids # returns [1,2,3,4,5] new_exp = Expansion.new new_exp.card_ids = [6,7,8,9,10] new_exp.save # returns true new_exp.card_ids << [11,12] # no other Expansion contains these cards new_exp.valid? # returns false ... SHOULD be true

  Read the article

• How do I assign a value from params, or session, whichever exists?

  - by irkenInvader

  What is the "Rails-way" or the "Ruby-way" of doing the following: In my controller, I'm creating and instance of an Options class. It will be initialized with information in the params hash if the params hash exists. Otherwise, it will check the sessions hash for the information. Finally, it will initialize with defaults if neither params nor session has the data it needs. Here is how I'm doing it now (it works fine, but it seems a little ugly): if params[:cust_options] @options = CustomOptions.new( params[:cust_options] ) else if session[:cust_options @options = CustomOptions.new( session[:cust_options] ) else @options = CustomOptions.new end end session[:cust_options] = @options.to_hash Like I said, everything is working fine, I'm just looking for a more idiomatically Ruby way of writing this block of code.

  Read the article

1