Edw*_*ith 12 ruby-on-rails cancan ruby-on-rails-3
我对rails(3)相对较新,并且正在使用CanCan构建一个应用程序,其中有3层用户.
我的能力现在是bog-stock,从cancan docs复制,基本上定义了guest角色和admin角色
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # Guest user
if user.is_admin?
can :manage, :all
else
can :read, [Asana,Image,User,Video,Sequence]
end
end
end
我想添加用户角色.由于我正在创建那个一次性用户模型,我想过使用new_record?确定用户是否已登录.就像是:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # Guest user
if !user.new_record? and user.is_admin?
can :manage, :all
elsif !user.new_record? and !user.is_admin?
can {registered user-y permissions}
else
can :read, [Asana,Image,User,Video,Sequence]
end
end
end
但是,它感觉不对.似乎有点与实际登录相关,并且担心它是否真正安全.
寻求更优雅的方式来做这个建议.
谢谢!
tom*_*sop 21
好问题,我使用较低到较高权限的方法:
class Ability
include CanCan::Ability
def initialize(user)
# Guest User
unless user
can :read, [Asana,Image,User,Video,Sequence]
else
# All registered users
can {registered user-y permissions}
# Admins
if user.is_admin?
can :manage, :all
end
end
end
end
这样,如果明天你有其他角色进行集成,你可以添加一个case语句,如下所示:
class Ability
include CanCan::Ability
def initialize(user)
# Guest User
unless user
can :read, [Asana,Image,User,Video,Sequence]
else
# All registered users
can {registered user-y permissions}
# Different roles
case user.role
when 'admin'
can :manage, :all
when 'manager'
can :manage, [Video, Image, Sequence]
end
end
end
end
| 归档时间: |
|
| 查看次数: |
4462 次 |
| 最近记录: |