Access level and hierarchy when marking a checkboxes

2

Talk, people, beauty? Can you help me with something? I'll explain:

I log in with the admin user and it shows all permissions on the system. As an example, suppose you have 10 (index, show, create, update, user delete and profile). Out of these 10 I set 4, save and create a new user. When logging in with this new user, I just want it to show the 4 checkboxes I marked and not the 10 as shown previously. And so on. In short, each new user can only mark a quantity equal to or lower than the checkboxes marked by the user who created it.

This is my code in the form:

<% Role.to_a.in_groups_of(2, false) do |group| %>
  <div>
    <%- group.each do |role, label| %>
      <div class="col-xs-12 col-sm-12 col-md-6 col-lg-6">
        <%- f.object.permissions.to_a.group_by(&:role).each do |role_name, permissions| %>
          <% next if "#{role}" != "#{role_name}" -%>
          <br /><br />
          <div class="row">
  <div class="col-xs-12 col-sm-12 col-md-12 col-lg-12">
    <h4><%= role[:label] %></h4>
  </div>
</div>

<div class="row form-group">
  <%- role[:actions].each do |action| %>
    <%- permissions.each do |permission| %>
      <%- next if permission.action != "#{action}" %>
      <%= f.fields_for :permissions, permission do |fp| %>
        <div class="col-xs-3 col-sm-3 col-md-3 col-lg-3">
          <%= fp.hidden_field :id if f.object.persisted? %>
          <%= fp.hidden_field :role %>
          <%= fp.hidden_field :action %>
          <%= fp.label :permit, class: "label-checkbox inline" do %>
            <%= fp.check_box :permit %>
            <%= Role.action(role[:role], action)[:label] %>
          <% end %>
        </div>
      <% end %>
    <% end %>
  <% end %>
  <br/>
  <br />
  <hr/>
</div>
        <% end %>
      </div>
    <% end %>
  </div>
<% end %>

With this code I can always show all the permissions, regardless of the user. How to solve this? ANNAGAMENTE, I had done it this way and it worked:

<div style="margin-bottom: 5px">
  <div style="float: left;" class="input-group">
    <% if current_usuario.admin? %>
      <%= f.collection_check_boxes :funcionalidade_ids, Funcionalidade.all, :id, :descricao %>
    <% else %>
      <%= f.collection_check_boxes :funcionalidade_ids, current_usuario.perfil.funcionalidades, :id, :descricao %>
    <% end %>
  </div>
  <div style="clear: both;"></div>
</div>

But how much has changed the system, the way it is currently can no longer do the previous way :( Give me some strength, please! Hugs!

    
asked by anonymous 03.10.2016 / 15:35

1 answer

2

Create a scope that matches the permissions to the user type ( role ), so you can get permissions for the logged in user.

In the view you would do something like:

role.permissions.each

    
11.10.2016 / 20:30