当前位置: 文江博客话题详情

权限和角色存储在 DB、rails 3.1 中

发布于 2024-12-21 06:56:44 字数 179 浏览 0 评论 0原文

在我的应用程序中,我想以这样的方式实现角色和权限,以便用户管理员可以在他们的浏览器中创建新角色。所以我需要权限表和角色表,其中每个角色都是权限的组合。现在我使用 CanCan gem,但这种行为不是这个 gem 的默认行为,最后我得到了非常复杂的角色结构和检查权限。谁能告诉我什么宝石提供了这种行为,或者也许我应该在没有任何宝石的情况下实现它?

原文

In my app I want to implement roles and permissions in them in such way, that users admins can create new roles in their browsers. So I need permissions table and roles table, where every role is a combination of permissions. For now I used CanCan gem, but this behavior is not default for this gem and finally I got very complicated structure of roles and checking permissions. Can anybody tell me what gem provides this behavior or maybe I should make it without any gems?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

樱桃奶球 2024-12-28 06:56:44

请参阅数据库中的功能来自 CanCan wiki 的其他用户的能力

class Ability
  include CanCan::Ability

  def initialize(user)
    can do |action, subject_class, subject|
      user.permissions.find_all_by_action(aliases_for_action(action)).any? do |permission|
        permission.subject_class == subject_class.to_s &&
          (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
      end
    end
  end
end

编辑
一些负载优化:

class Ability
  include CanCan::Ability

  def initialize(user, context = nil)
    if context.nil?
      can do |action, subject_class, subject|
        user.permissions.find_all_by_action(aliases_for_action(action)).any? do |permission|
          permission.subject_class == subject_class.to_s &&
           (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
      end
    elsif context == :post
      can :manage, Post, :id => y
    elsif context == :users
      can :manage, User, :id => x
    end
  ...

在控制器中:

class UsersController
  protected
  def current_ability
    Ability.new(current_user, :users)

class PostsController
  protected
  def current_ability
    Ability.new(current_user, :posts)

See Abilities in Database and Ability for Other Users from the CanCan wiki:

class Ability
  include CanCan::Ability

  def initialize(user)
    can do |action, subject_class, subject|
      user.permissions.find_all_by_action(aliases_for_action(action)).any? do |permission|
        permission.subject_class == subject_class.to_s &&
          (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
      end
    end
  end
end

EDIT
Some load optimizations:

class Ability
  include CanCan::Ability

  def initialize(user, context = nil)
    if context.nil?
      can do |action, subject_class, subject|
        user.permissions.find_all_by_action(aliases_for_action(action)).any? do |permission|
          permission.subject_class == subject_class.to_s &&
           (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
      end
    elsif context == :post
      can :manage, Post, :id => y
    elsif context == :users
      can :manage, User, :id => x
    end
  ...

And in controllers:

class UsersController
  protected
  def current_ability
    Ability.new(current_user, :users)

class PostsController
  protected
  def current_ability
    Ability.new(current_user, :posts)
回复 原文
~没有更多了~

关于作者

狼性发作

暂无简介

文章
评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

饮湿

文章 0 评论 0

明月

文章 0 评论 0

02

文章 0 评论 0

hs1283

文章 0 评论 0

风向决定发型

文章 0 评论 0

落花浅忆

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文