CMS Fiona lets you assign read permissions to published content to control which visitors are permitted to access it. These permissions are granted to user groups, which you can also access through the Rails Connector in order to evaluate them.
If dedicated read permissions have been assigned to the released version of a CMS object, the Rails Connector automatically blocks this content depending on the visitor's group memberships. When attempting to access blocked content, the Rails Connector delivers a 403 error page.
To change this behavior, you can override the method that performs this check. This method is common to all Obj models, i.e. to all object classes:
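
    # app/models/obj.rb
    class Obj < RailsConnector::BasicObj
      # …

      # Editor mode always grants access; otherwise the visitor needs at least
      # one group that is listed in the object's live read permission.
      def permitted_for_user?(user)
        is_editable = RailsConnector::Configuration.mode == :editor
        return true if is_editable or (permissions.live & user.groups).size > 0
        return false
      end

      # …
    end
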
The code in the example above checks whether at least one of the user's groups (maintained by your own user management) is contained in the list of groups assigned to the live read permission (permissions.live) of the CMS object in question. Thus, user.groups needs to be implemented in accordance with your user model.
Note that different permissions can be queried, depending on the mode in which the Rails Connector is operating.

- In editor mode, the lists of the groups permitted to read, write, act as root, or create_children of the object are available.
- In normal mode, the live permission groups of the CMS object can be queried.

The Rails Connector offers no functionality to authenticate users. This functionality can be provided by using one of the several publicly available gems. What the Rails Connector does offer, though, is an interface for making a user model known to your application. To use it, override the following methods:
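
    # app/controllers/application_controller.rb
    class ApplicationController < ActionController::Base
      # …

      # Returns the user stored in the session, or nil for anonymous visitors.
      def current_user
        return User.from_session(session[:user]) if session[:user]
      end

      # True only if a user could be loaded from the session.
      def logged_in?
        return !current_user.nil?
      end

      # Anonymous visitors are never admins.
      def admin?
        return logged_in? && current_user.admin?
      end

      # …
    end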
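
The session lookup and the group check described above can be exercised together without a CMS. The following is an added example, not code from the Rails Connector: DemoUser, DemoPermissions, DemoObj, DEMO_USERS, status_for and the editor_mode flag are hypothetical stand-ins, and the accounts are constructed sample data.

```ruby
# Added illustration: plain-Ruby stand-ins, not Rails Connector classes.
DemoUser = Struct.new(:login, :groups, :is_admin) do
  def admin?
    is_admin == true
  end
end

# Constructed sample accounts, keyed by the value stored in session[:user].
DEMO_USERS = {
  'alice' => DemoUser.new('alice', %w[customers partners], false),
  'root'  => DemoUser.new('root',  %w[staff], true)
}.freeze

DemoPermissions = Struct.new(:live)

class DemoObj
  attr_reader :permissions

  def initialize(live_groups, editor_mode: false)
    @permissions = DemoPermissions.new(live_groups)
    @editor_mode = editor_mode
  end

  # Same intersection test as the page's method, but an anonymous visitor
  # (user == nil) is treated as having no groups instead of raising.
  def permitted_for_user?(user)
    return true if @editor_mode
    groups = user ? Array(user.groups) : []
    (permissions.live & groups).any?
  end
end

# Session helpers in the shape of the controller methods on this page.
def current_user(session)
  DEMO_USERS[session[:user]]
end

def logged_in?(session)
  !current_user(session).nil?
end

def admin?(session)
  logged_in?(session) && current_user(session).admin?
end

# Status a controller would answer with: 200 if readable, otherwise 403.
def status_for(obj, session)
  obj.permitted_for_user?(current_user(session)) ? 200 : 403
end
```

Note that admin? plays no part in the read check here: the root account is in no permitted group and still receives 403, as does a session naming an unknown user.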