当前位置：文江博客话题详情

允许用户指定哪些属性可供公众使用的最佳方式？

发布于 2024-12-12 19:40:40 字数 145 浏览 3 评论 0原文

在我的一张表（卖家）中，所有字段都需要用户的许可才能供其他人（注册或未注册）查看。我可以遍历并为每个列创建一个关联的列，例如。（列 1、列 1_隐私、列 2、列 2_隐私）。然而，这似乎是多余且糟糕的设计。

Rails 中有没有更优雅的解决方案？提前致谢。

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

陈独秀 2024-12-19 19:40:40

我不会称其为多余或糟糕的设计。如果您想要每列访问控制，那么在某个地方您将需要每列一个标志；您可以将所有这些标志打包到一个序列化结构中，但这样您就会与关系数据库作斗争：

添加或删除列时，序列化 ACL 会发生什么情况？你是把它们全部再生还是只是积累残渣？
如果您需要在查询中包含标志会发生什么？在 SQL 中解压打包的标志 blob 会很困难，而在 Ruby 中解压可能会非常昂贵。

您可以使用包含列名称的单独 EAV 样式表，但在添加和删除列时仍然需要清理它。使用 EAV 表进行查询往往很快就会变得一团糟。

每个访问控制列都有一个标志列，易于设置、易于查询、易于编辑、易于自动构建表单，并且可以轻松避免数据库混乱。额外的列可能会让你的桌子有点宽，但我不会太担心。

额外的列可以轻松地从模型中提取可显示的信息：

def viewable_parts
  %w{column1 column2 column3}.each_with_object({}) do |col, h|
    h[col] = self.send(col) if(self.send(col + '_privacy')
  end
end

然后您可以在控制器中这样说：

@display_info = model.viewable_parts

并且您的视图不必过多担心访问控制，它们只需显示哈希中的内容即可。当然，这个技巧可以与其他实现一起使用，但如果您使用“隐私栏”想法，那就非常简单了。

I wouldn't call it redundant or bad design. If you want per-column access control then somewhere you're going to need one flag per column; you can pack all those flags into one serialized structure but then you'd be fighting against your relational database:

What happens to your serialized ACLs when you add or remove a column? Do you regenerate them all or do you just accumulate cruft?
What happens if you need to include the flags in a query? You're going to have a hard time unpacking your packed flag-blob in SQL and doing the unpacking in Ruby could be very expensive.

You could use a separate EAV-style table that contains column names but you'd still have to clean it as you add and remove columns. And querying with an EAV table tends to turn into an ugly mess quite quickly.

One flag-column for each access controlled column is easy to set up, easy to query, easy to edit, easy to automatically build forms for, and makes it easy to not make a mess in your database. The extra columns may make your tables a little on the wide side but I wouldn't worry about that too much.

The extra columns make it easy to extract the displayable information from your model:

def viewable_parts
  %w{column1 column2 column3}.each_with_object({}) do |col, h|
    h[col] = self.send(col) if(self.send(col + '_privacy')
  end
end

Then you can say things like this in your controller:

@display_info = model.viewable_parts

and your views don't have to worry too much about the access control, they can just show what's in the Hash. This trick can, of course, be used with the other implementations but it is dead easy if you use your "privacy column" idea.

回复收藏 0 原文

我偏爱纯白色 2024-12-19 19:40:40

您可以创建一个名为 SharedColumn 的关联模型

rails g scaffold SharedColumn name:string, seller_id:integer

Seller:

has_many :shared_columns

SharedColumn

belongs_to :seller

然后您可以使用 column_names 方法来迭代复选框列表，例如此

控制器

@blacklisted_columns = [id, other_non_pubic_column]

视图

<% Seller.column_names.each do |column_name| %>
     <% unless @blacklisted_columns.include?(column_name) %>
          #Generate your checkboxes and labels here
     <% end %>
<% end %>

You could create a associated model named SharedColumn

rails g scaffold SharedColumn name:string, seller_id:integer

Seller:

has_many :shared_columns

SharedColumn

belongs_to :seller

Then you may use the column_namesmethod for iteration of a list of checkboxes like this

Controller

@blacklisted_columns = [id, other_non_pubic_column]

View

<% Seller.column_names.each do |column_name| %>
     <% unless @blacklisted_columns.include?(column_name) %>
          #Generate your checkboxes and labels here
     <% end %>
<% end %>

回复收藏 0 原文

~没有更多了~