Question
There are a lot of role-based authorization plugins out there. They work great when you know in advance what the roles are going to be. For example, if I know I'm going to have administrators, super_users, and not_so_super_users.
What I really want is to be able to create custom roles and assign that role to a user. At this point, I am simply wanting to block access to controllers / actions based on a user's custom role. Roles will consist of permissions.
For example, Jane Doe can add and view widgets, but she can't delete or edit them. John Doe can add, view, and edit. The Boss can add, view, edit, and delete. I want to be able to check if the user is authorized to access a controller / action in one line:
user.is_authorized?
is_authorized (or whatever it is called) should be intelligent enough to determine if the user is authorized based on their assigned role and that role's permission set.
Am I making sense? Is there anything out there that does this?
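The model the question describes (runtime-defined roles made of controller/action permissions, checked in one call) can be sketched in plain Ruby as an added example; it is not part of the original post and not the API of any plugin named in the answers. The `Role`, `User`, `grant` and `revoke` names and the mapping of "add/view/edit/delete" onto Rails action names are assumptions.

```ruby
require "set"

# Hypothetical plain-Ruby model (names are assumptions); in Rails these would
# be ActiveRecord models so roles can be created and edited at runtime.
class Role
  def initialize(name)
    @name = name
    @permissions = Set.new # [controller, action] pairs
  end

  def grant(controller, *actions)
    actions.each { |action| @permissions << Role.key(controller, action) }
    self
  end

  def revoke(controller, *actions)
    actions.each { |action| @permissions.delete(Role.key(controller, action)) }
    self
  end

  def permits?(controller, action)
    @permissions.include?(Role.key(controller, action))
  end

  # Normalize so :widgets / "Widgets" and :edit / "edit" compare equal.
  def self.key(controller, action)
    [controller.to_s.downcase, action.to_s.downcase]
  end
end

class User
  def initialize(name, *roles)
    @name = name
    @roles = roles
  end

  # Default deny: no roles, or no role listing the pair, means refused.
  def is_authorized?(controller, action)
    @roles.any? { |role| role.permits?(controller, action) }
  end
end

# Constructed sample data mirroring the three users in the question.
ADD_VIEW = %i[new create index show]
CLERK  = Role.new("clerk").grant(:widgets, *ADD_VIEW)
EDITOR = Role.new("editor").grant(:widgets, *ADD_VIEW, :edit, :update)
BOSS   = Role.new("boss").grant(:widgets, *ADD_VIEW, :edit, :update, :destroy)
JANE, JOHN, THE_BOSS = User.new("Jane", CLERK), User.new("John", EDITOR), User.new("Boss", BOSS)
```

In a Rails controller the same check would typically run in a `before_action`, passing `controller_name` and `action_name`, so that any action not explicitly granted is refused.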
Answer 1:
Please try the acl9 plugin for a role-based application.
acl9
Answer 2:
I would use declarative_authorization and simply create multiple roles for each function.
So have a specific role to edit, update, create, destroy a widget (4 different roles).
Then just associate the user with multiple roles; it saves reimplementing the wheel.
Answer 3:
Maybe try canard (https://rubygems.org/gems/canard); it uses all the dynamic authorisation of cancan and adds roles to it. I wrote it specifically to solve this problem.
Source: https://stackoverflow.com/questions/3301412/rails-dynamic-role-based-authorization-plugin