Topic: Confused with Roles

Hi,

I am trying to develop a store application to use with my business. This is my first Rails application (other than the blog and tweet apps I created for practice while learning online).

First, I would like to explain what I am trying to achieve, and later I will explain where I am stuck.

I am an office stationery vendor. I have various clients, organizations who purchase from me. I want to give them an online tool to place orders, view their existing/historical orders, and pull their weekly/monthly/annual invoices.

A few important points to understand: these organizations have various departments, and orders will be placed by these departments.

A user placing an order should be able to review his own orders only.

A dept head should be able to access all the orders placed by users in his department.

Finance and Procurement department should be able to view orders from the entire organization.

My assistant and I should be able to see all orders placed by all organizations.

One dept head should not be able to view another dept's orders, nor should one organization be able to view another organization's orders/invoices...

Now I am confused about:
1. how to define/assign roles
2. I can build an order history on the basis of the current_user helper method, but I am confused about how to pull order history on the basis of departments and organizations.

Please provide your views...

Thanks in Advance for the help
Ajay

P.S. I have time but not money... people who wish to contact me to sell their skills for money: no thanks, I cannot afford it.

Re: Confused with Roles

What authentication plugin are you using if any?

You mention current_user; is that from your own authentication code, or are you getting that from some plugin?

I see two questions: one about roles, one about restricting queries based on something (current_user, current_user's role).

I think you'll need several layers

user
customer
user's role within customer

i.e.

A user can only see his orders, unless his role is Manager, in that case he can see the orders of ANY user that belongs to the same customer that he belongs to.

Is that what you are after?

Joe got a job, on the day shift, at the Utility Muffin Research Kitchen, arrogantly twisting the sterile canvas snout of a fully charged icing anointment utensil.

Re: Confused with Roles

BradHodges wrote:

What authentication plugin are you using if any?

You mention current_user; is that from your own authentication code, or are you getting that from some plugin?

I see two questions: one about roles, one about restricting queries based on something (current_user, current_user's role).

I think you'll need several layers

user
customer
user's role within customer

i.e.

A user can only see his orders, unless his role is Manager, in that case he can see the orders of ANY user that belongs to the same customer that he belongs to.

Is that what you are after?

Thanks Brad for the reply...

Yes, I created my own authentication system directly by following the railscasts.com episode http://railscasts.com/episodes/270-auth … -rails-3-1, and current_user was explained in it, so querying individual details is easy to filter using the user id.

And you are correct about the layers; what I am looking to resolve is the dept-specific queries.

Re: Confused with Roles

First thing you'd have to do is add a role attribute to your user model.

Then you'd have to create a relationship between your User model and your Client model, assuming the Client model represents the client companies that the users belong to.

i.e.

class User < ActiveRecord::Base
  # each user belongs to exactly one client company (users.client_id)
  belongs_to :client
end

I haven't read that tutorial, but I'll assume the current_user helper returns a User model instance.

You could do this:

def index
  # compare with ==; a single = would assign "Mgr" to role and always be truthy
  if current_user.role == "Mgr"
    # manager: every order belonging to the same client company
    @orders = Order.find(:all, :conditions => ['client_id = ?', current_user.client.id])
  else
    # everyone else: only the orders this user placed
    @orders = Order.find(:all, :conditions => ['user_id = ?', current_user.id])
  end
end
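An added example (not from the thread or the tutorial) of the layered scoping Brad describes, extended to the department and vendor levels Ajay asked about. It is plain Ruby with Structs standing in for the models, and the role names, ids and orders are constructed sample data; unknown roles deliberately fall through to "own orders only", and the comparison uses == so the role check cannot silently become an assignment.

```ruby
# Constructed sample models; in the real app these are ActiveRecord rows.
User  = Struct.new(:id, :client_id, :department_id, :role)
Order = Struct.new(:id, :client_id, :department_id, :user_id)

# Constructed sample orders: client 10 has departments 100 and 101,
# client 20 has department 200.
ORDERS = [
  Order.new(1, 10, 100, 1),
  Order.new(2, 10, 100, 2),
  Order.new(3, 10, 101, 3),
  Order.new(4, 20, 200, 4),
]

# Returns the orders a user may see, widest role first.
# Assumed role names: "vendor", "finance", "procurement", "dept_head", "user".
# Any role not listed gets the narrowest scope rather than a wider one.
def visible_orders(user, orders = ORDERS)
  case user.role
  when "vendor"                 # the vendor and assistant: every organization
    orders
  when "finance", "procurement" # whole organization
    orders.select { |o| o.client_id == user.client_id }
  when "dept_head"              # own organization AND own department
    orders.select do |o|
      o.client_id == user.client_id && o.department_id == user.department_id
    end
  else                          # ordinary user (or unknown role): own orders
    orders.select { |o| o.user_id == user.id }
  end
end

# Per-record check for a show action: an order is viewable only if it is in
# the set this user may list, so guessing another department's order id fails.
def can_view?(user, order, orders = ORDERS)
  visible_orders(user, orders).any? { |o| o.id == order.id }
end
```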