Custom actions and filtering in the template #87
Labels
Comments
|
Did you figure it out? |
no |
|
You should never hard-code the role like that. This will never restrict the data. You should ask: "can the current user's role(s) do that?" <% if (ac.can(currentUser.roles).update('postView')) { %>
<ul>
<!-- Allowed content -->
</ul>
<% } %>About your other question; AC currently supports CRUD actions only which virtually covers any action that could be applied to a resource (similar to the REST methodology). You just need to decide what the resource is, in your application's context. You can read the F.A.Q. for more insight to what I mean. But in future, I plan for enabling custom actions. |
onury
added
question
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello!
I use express, passport and ejs template engine in my application
The documentation describes CRUD actions, but I need to create my own operations, such as shuffling a post, splitting a post, showing a download button, allowing downloading, etc.
How can i do this?
How can I check access to several (for example 10) functions in a template?
For example, I need to display a list of links for administering publications, such as creating, editing, moving, deleting, etc.
My template:
I understand correctly that if I need to check when and why to display this or that link, will I have to write such a check?
and if I have 10 conditions(I have 10 roles - User, Editor, Admin, Moderator etc..), then will I have to write all of them into the IF condition?
The text was updated successfully, but these errors were encountered: