Enabling access rights
-
Good afternoon.
class Ability
  include CanCan::Ability

  def initialize(user)
    # A user may manage a company only if the company's role is one
    # the user's own company is allowed to hand out.
    can :manage, Company do |company|
      user.available_roles.include?(company.role)
    end
  end
end

class User
  belongs_to :company
  delegate :admin?, :operator?, :agent?, :sales?, :visitor?, :available_roles, :role, to: :company
end

class Company
  has_many :users

  def admin?
    role == 'admin'
  end

  def operator?
    role == 'operator'
  end

  def agent?
    role == 'agent'
  end

  def sales?
    role == 'sales'
  end

  def visitor?
    role == 'visitor'
  end

  # Roles that members of this company may assign to a company.
  def available_roles
    case role
    when 'admin'
      %w[visitor sales agent operator admin]
    when 'operator'
      %w[visitor sales agent]
    else
      []
    end
  end
end

class CompaniesController
  authorize_resource

  def new
    @company = Company.new
    respond_with @company
  end

  def create
    @company = Company.create(company_params)
    respond_with @company
  end
end
When creating companies, an admin can set the company role to any of:
%w[visitor sales agent operator admin]
When creating companies, an operator can set the company role only to:
%w[visitor sales agent]
Through the console (User.last is a user with operator rights):
» Ability.new(User.last).can? :manage, Company.new(role: :admin, name: 'Company Administrator')
User Load (1.5ms) SELECT "users".* FROM "users" ORDER BY "users"."id" DESC LIMIT 1
Company Load (0.8ms) SELECT "companies".* FROM "companies" WHERE "companies"."id" = $1 LIMIT 1 [["id", 4]]
false
» Ability.new(User.last).can? :manage, Company.new(role: :agent, name: 'Company Agent')
User Load (1.4ms) SELECT "users".* FROM "users" ORDER BY "users"."id" DESC LIMIT 1
Company Load (0.5ms) SELECT "companies".* FROM "companies" WHERE "companies"."id" = $1 LIMIT 1 [["id", 4]]
true
But through the web interface, the operator can create a company with the roles admin and operator.
Please tell me what's wrong?
-
This helped: in class CompaniesController, authorize_resource was replaced with load_and_authorize_resource.
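
Why the replacement closes the gap, as an added example that is not part of the thread: with authorize_resource, nothing has set @company when the check runs for create, so CanCan checks the Company class, and a block condition is not evaluated for a class-level check. The plain-Ruby model below shows both paths; ToyAbility, authorize_only, load_and_authorize and the simplified User are hypothetical stand-ins, not the gem's code.

```ruby
# Added illustration: a plain-Ruby model of the check, not CanCan's own code.
# ToyAbility, authorize_only and load_and_authorize are hypothetical names.
Company = Struct.new(:role, keyword_init: true)

class User
  # Same role table as Company#available_roles in the question.
  ROLES = {
    'admin'    => %w[visitor sales agent operator admin],
    'operator' => %w[visitor sales agent]
  }.freeze

  def initialize(company_role)
    @company_role = company_role
  end

  def available_roles
    ROLES.fetch(@company_role, [])
  end
end

class ToyAbility
  def initialize(user)
    # Mirrors: can :manage, Company do |company| ... end
    @condition = ->(company) { user.available_roles.include?(company.role) }
  end

  def can?(_action, subject)
    # A block condition needs an instance; for a class-level check it is
    # skipped and the answer is "potentially allowed".
    return true if subject.is_a?(Class)
    @condition.call(subject)
  end
end

# authorize_resource on create: nothing has set @company, so the class is checked.
def authorize_only(ability, _params)
  ability.can?(:create, Company)
end

# load_and_authorize_resource: build the record from params, then check it.
def load_and_authorize(ability, params)
  ability.can?(:create, Company.new(**params))
end

operator = ToyAbility.new(User.new('operator'))
puts authorize_only(operator, role: 'admin')     # class-level check, block skipped
puts load_and_authorize(operator, role: 'admin') # instance check, block evaluated
```

Rules whose outcome depends on submitted attributes, such as role here, only take effect when the check receives the built record rather than the class.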