Hello,I am quite new on rails. Currently making CRUD apps in rails 3.0
in windows.
I've used devise [1.1.rc0] for authentication.In those apps, any
logged
in user can change other user's details.

How can I design the app, so that any logged in user can edit/remove
his details only if he wishes to do so and can only view others'
records.
I am trying to say that users should be recognized by his unique
username/email id and as per that he should be assigned the writing
privileges on his records only.

After logging in he should be directed to his own page,where his
details are stored.He can Update and Delete any of his details
there.But can only View the main page where his record will be kept
with other records.He should not be able to remove or edit others'
records.

Thanks,

Pallav

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

Search Discussions

  • Gerbdla at Feb 7, 2012 at 8:51 pm
    I understand most of your requirements except this one
    "But can only View the main page where his record will be kept
    with other records."

    I would use devise along with an authentication scheme
    here is a link for railscasts on authentication
    http://railscasts.com/episodes?utf8=%E2%9C%93&search=authorization

    you would assign the roles so a user can edit his own records
    and only view others

    do you have anything like this installed? What are you using for
    logging in a user?




    On Feb 7, 8:31 am, Pallav_bfs wrote:
    Hello,I am quite new on rails. Currently making CRUD apps in rails 3.0
    in windows.
    I've used devise [1.1.rc0] for authentication.In those apps, any
    logged
    in user can change other user's details.

    How can I design the app, so that any logged in user can edit/remove
    his details only if he wishes to do so and can only view others'
    records.
    I am trying to say that users should be recognized by his unique
    username/email id and as per that he should be assigned the writing
    privileges on his records only.

    After logging in he should be directed to his own page,where his
    details are stored.He can Update and Delete any of his details
    there.But can only View the main page where his record will be kept
    with other records.He should not be able to remove or edit others'
    records.

    Thanks,

    Pallav
    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
  • Don at Feb 9, 2012 at 2:56 am

    How can I design the app, so that any logged in user can edit/remove
    his details only if he wishes to do so and can only view others'
    records.
    I am trying to say that users should be recognized by his unique
    username/email id and as per that he should be assigned the writing
    privileges on his records only.
    CanCan is probably the most popular access control solution for Rails. It
    can easily accomplish what you describe, and more. It works fine with
    Devise. You can probably do what you want with just Devise, but I would
    really recommend CanCan - and it is really not that difficult to implement.
    Here is a good rails cast for it:
    http://railscasts.com/episodes/192-authorization-with-cancan . There has
    been a a lot of capability added since that was recorded, so be sure to
    look at the latest release notes for CanCan on github.

    --
    You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
    To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/dtPdtu8UrCwJ.
    To post to this group, send email to rubyonrails-talk@googlegroups.com.
    To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedFeb 7, '12 at 4:31p
activeFeb 9, '12 at 2:56a
posts3
users3
websiterubyonrails.org
irc#RubyOnRails

3 users in discussion

Don: 1 post Pallav_bfs: 1 post Gerbdla: 1 post

People

Translate

site design / logo © 2022 Grokbase