active_scaffold_overrides../../vendor/plugins/active_scaffold/frontends/default/views
Source
/controllers/secured_records_controller.rb
class SecuredRecordsController < DemoController
active_scaffold do |config|
config.columns = [:name, :message, :owner]
columns[:owner].ui_type = :select
end
end
/models/secured_record.rb
class SecuredRecord < ActiveRecord::Base
belongs_to :owner, :class_name => 'Login', :foreign_key => 'login_id'
validates_presence_of :name, :message
def authorized_for_destroy?
# you can only destroy your own records
return true unless existing_record_check?
return (current_user and current_user == self.owner)
end
def message_authorized_for_update?
# you can only update your own messages
return true unless existing_record_check?
return (current_user and current_user == self.owner)
end
def owner_authorized_for_update?
# can never change the owner
false
end
end
/helpers/secured_records_helper.rb
module SecuredRecordsHelper
def owner_column(record)
return '' unless record.owner
content = record.owner.to_label
content = "<span class='restricted'>#{content}</span>" unless current_login and record.owner == current_login
content
end
end