Ruby 如何使用cancan定义条件能力
我正在使用cancan gem进行授权。我已经定义了ability.rb模块来初始化不同模块的角色及其权限Ruby 如何使用cancan定义条件能力,ruby,ruby-on-rails-3.2,authorization,cancan,Ruby,Ruby On Rails 3.2,Authorization,Cancan,我正在使用cancan gem进行授权。我已经定义了ability.rb模块来初始化不同模块的角色及其权限 `def initialize(user) user ||= User.new # guest user (not logged in) members = user.members members.each do |member| role = member.role if role.presence permissions = role.permissions
`def initialize(user)
user ||= User.new # guest user (not logged in)
members = user.members
members.each do |member|
role = member.role
if role.presence
permissions = role.permissions
permissions.each do |permission|
actions = Array.new
actions = permission.activity_name.split(",") if permission.activity_name.presence
app_module = permission.application_module
actions.each do |action|
if app_module.module_name == "Project"
Rails.logger.debug "in if"
can action.downcase.to_sym, app_module.module_name.constantize, :id => member.project_id if action.presence
elsif app_module.module_name == "Sequence"
Rails.logger.debug "in sequence and project id is #{member.project_id} and action is #{action}"
can action.downcase.to_sym, app_module.module_name.constantize, :project_id => 0..1 if action.presence
else
Rails.logger.debug "Module name is #{app_module.module_name}"
can action.downcase.to_sym, app_module.module_name.constantize if action.presence
end
end
end
end
end
结束`
在这里,用户分配了一个项目,项目有许多序列。
若用户分配了一个id为1的项目,那个么我只能获取项目id为1的序列
我写了一封信-
加载和授权资源
已正确获取项目控制器的权限,但如果我传递项目id,则序列控制器的权限也不会限制到其他项目
谁能帮我一下吗?你的
ability.rb
文件中有条件能力
您可以在ability.rb文件中执行以下操作:
can [:<actions>], Sequence do |sequence|
sequence.project.user_id == user.id
end
can[:],Sequence do | Sequence|
sequence.project.user_id==user.id
结束