Re: [Rails] Re: Proper Coding Question

Ruby on Rails Friday, October 5, 2018

> On Oct 5, 2018, at 4:17 AM, Rob Jonson <rob.jonson@gmail.com> wrote:
>
> again - taste and preference here.
>
> my issue with `policy_scope(User)` in the view isn't that it is complex code, clearly it isn't.
>
> it's more that I don't want my view to know or care about authorisation.
>
> I think when you're talking about a select 'policy_scope(User).collect', you're asking the view to run the following
>
> A) get a bunch of users
> B) make sure you only get the ones you're allowed
> C) do something with that info
>
> I don't like having step B in the view, and would move that to the model (or if appropriate the controller).

All good points. My issue with having this in the model is that you then have to pass that separate (orthogonal) User model into the process from the controller, since the model has no idea who is using it, or when. The controller knows all of these things already, so I put it there (or in a helper, where it is running in the same space).

Walter

>
> then the view logic will be more like
>
> A) take whatever thing I'm given
> b) display something about that thing
>
>
>
>
>
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/191a9289-750b-4b52-8fb2-219717ec9acb%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/215008FA-B4F4-4612-96F4-9FC5F5F38D33%40wdstudio.com.
For more options, visit https://groups.google.com/d/optout.

Posted by Ruby on Rails at 6:10 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)