Allow developers to specify which permissions are required on ActsAsContentPages #221

peakpg opened this Issue May 6, 2011 · 0 comments


None yet
1 participant

peakpg commented May 6, 2011

Imported from lighthouse. Original ticket at: Created by Patrick Peak - 2009-12-01 19:38:41 UTC

Developers should be able to write code similar to:

MyController < ApplicationController
include Cms::Acts::ContentPage
requires_permission [:edit_content, :do_other_stuff], :only=>[:create, :edit]

This would specify a before_filter that check the current_user to determine if they have any of specified permissions. Would take the same filter options (:only, :except).

This would also require adding the concept of 'scope' for global permissions. Currently, to make this work you would need to put users into the 'CMS User' type of group in order to give them global permissions which is undesirable. This would allow permissions to be marked for which group type they should be for. :edit_content could be only for 'Cms Users' and developers could define new permissions specifically for 'public' users.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment