声明授权和has_and_belongs_to_many
-
14-11-2019 - |
题
声明授权我有一个很少的问题。我有一个用户和角色模型,具有has_and_belongs_to_many协会。
我在我的授权中创建了一个名为:superator的角色。
是否有可能具有角色主持人的用户只获取将主持人角色分配给它的用户? - > user.with_permissions_to(:索引)
我认为这是可能的:
role :moderator do
has_permission_on :users, :to => :index do
if_attribute :roles => contains { ????? }
end
end
.
我还在我的用户模型中创建了一个named_scope,因为我认为它会有所帮助...
class User
has_and_belongs_to_many :roles
named_scope :by_role, lambda { |role|
{
:include => :roles,
:conditions => {"roles.name" => role}
}
}
end
.
是否有人知道是否有可能使用声明_Authorization进行此操作?
谢谢你的帮助!
解决方案
I did something similar in one of my projects but found dec_auth really confusing at the time. I think this is what you need to do:
authorization_rules.rb:
role :moderator do
has_permission_on :users, :to => :index
end
User Model:
class User < ActiveRecord::Base
using_access_control
end
Controller:
@users = User.with_permissions_to(:index)
Let me know if that doesn't work.
不隶属于 StackOverflow