新手问题 devise & cancan & rolify

suyuhang · 2014年04月22日 · 最后由 algo31031 回复于 2014年04月22日 · 3897 次阅读

有人有这三个的视频或者学习资料嚒?求一份 谢谢各位了(我是个初学者)

初学者照着这个来就好了 http://railstutorial-china.org/

devise 这个即使你会用了你也搞不明白他是怎么实现的 cancan 简单的权限控制根本不需要

rolify 我没用过,不知道

#1 楼 @miclle 对对 大哥您说的确实是,我会用 devise 但是就是不明白怎么实现的,您给我发的这个 非常感谢,谢谢您了

既然是初学者,在你熟悉 Rails 之前,建议不要接触这类东西,尤其是 Devise

可以把之前项目的 ability.rb 文件给你参考下

#coding: utf-8
class Ability
  include CanCan::Ability

  def initialize(user, mall=nil, product=nil)
    user ||= User.new # guest user (not logged in)
    if user.has_role? :admin
      can :manage, :all
    else

############ All ##############    

      can [:read], User do |do_user|
        user.has_role?(:admin, mall) && do_user.has_role?(:user, mall)
      end
      can [:read, :update], User do |do_user|
        do_user.id == user.id || ( do_user.mall_id == mall.id && user.has_role?(:admin, mall) )
      end
      can [:add_admin], User do |do_user|
        user.id == mall.owner_id && do_user.mall_id == mall.id
      end      
      can [:remove_admin], User do |do_user|
        user.id == mall.owner_id && do_user.mall_id == mall.id
      end

############ aidou_users ##############         

      can [:create], Org do |org|
        user.has_role?(:org_user)
      end
      can [:read,:update], Org do |org|
        user.has_role?(:admin, org)
      end
      can [:index], Mall do |mall|
        user.has_role?(:admin, mall.org)
      end
      can [:show], Mall
      can [:create], Mall do |mall|
        user.has_role?(:org_user) 
      end
      can [:update], Mall do |mall|
        user.has_role?(:admin, mall)
      end

############ mall_admins && mall_users ##############         

      can [:read], Teacher do |teacher|
        mall.can_serve?(false, "Teacher", :read)
      end
      can [:create, :created], Teacher do |teacher|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Teacher", :create)
      end
      can [:update, :destroy], Teacher do |teacher|
        (user.has_role?(:admin, mall) || ( user.has_role?(:mall_teacher, mall) && teacher.user_id == user.id)) && mall.can_serve?(false, "Teacher", :update)
      end      
#-------------------------------------------------------        
      can [:read], Product do |product|
        mall.can_serve?(false, "Product", :read)
      end
      can [:grouped], Product do |product|
        mall.can_serve?(false, "Product", :read) && product.accepts_user?(user)
      end
      can [:create, :update, :destroy, :enable, :disable, :update_grouping, :edit_grouping], Product do |product|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Product", :create)
      end
#-------------------------------------------------------      
      can [:index], Episode do |episode|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Episode", :read)
      end
      can [:show], Episode do |episode|
        (user.has_role?(:admin, mall) || user.can_read_item?(episode, product)) && mall.can_serve?(true, "Episode", :show)
      end
      can [:create, :update], Episode do |episode|
        user.has_role?(:admin, mall) && mall.can_serve?(true, "Episode", :create, true)
      end
      can [:destroy], Episode do |episode|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Episode", :destroy)
      end      

      can [:index], Live do |live|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Live", :read)
      end
      can [:show], Live do |live|
        (user.has_role?(:admin, mall) || user.can_read_item?(live, product)) && mall.can_serve?(true, "Live", :show)
      end
      can [:create, :update], Live do |live|
        user.has_role?(:admin, mall) && mall.can_serve?(true, "Live", :create)
      end
      can [:destroy], Live do |live|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Live", :destroy)
      end              

      can [:index], FaceToFace do |f2f|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Episode", :read)
      end
      can [:show], FaceToFace do |f2f|
        user.has_role?(:admin, mall) && mall.can_serve?(true, "Episode", :show)
      end
      can [:create, :update, :destroy], FaceToFace do |f2f|
        user.has_role?(:admin, mall) && mall.can_serve?(true, "Episode", :update)
      end
#-------------------------------------------------------        
      can [:read], Order do |order|
        ((user.has_role?(:admin, mall) && order.mall_id == mall.id) || (order.user_id == user.id)) && mall.can_serve?(false, "Order", :read)
      end
      can [:check], Order do |order|
        user.has_role?(:admin, mall) && can_serve?(false, "Order", :read)
      end
      can [:waiting, :checkout, :paid], Order do |order|
        order.user_id == user.id && mall.can_serve?(false, "Order", :checkout)
      end
      can [:create], Order do |order|
        user.id != nil && mall.can_serve?(false, "Order", :create)
      end
      can [:update, :destroy, :clear_waiting], Order do |order|
        (order.user_id == user.id) && order.status == Order::STATUS["未付款"] && mall.can_serve?(false, "Order", :destroy)
      end
#-------------------------------------------------------        
      can [:read], Transaction do |t|
        (user.has_role?(:admin, mall) && t.mall_id == mall.id) || (t.user_id == user.id)
      end
      can [:update, :destroy], Transaction do |t|
        (t.user_id == user.id) && t.status == Order::STATUS["未付款"]
      end      
#-------------------------------------------------------        
      can [:create], Paper do |paper|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Paper", :create)
      end
      can [:manage], Paper do |paper|
        user.has_role?(:admin, mall) && paper.mall_id == mall.id && mall.can_serve?(false, "Paper", :manage)
      end      
      can [:read], Paper do |paper|
        user.has_role?(:user, paper.mall) && mall.can_serve?(false, "Paper", :read)
      end
#-------------------------------------------------------        
      can [:create], Question do |question|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Question", :create)
      end
      can [:manage], Question do |question|
        user.has_role?(:admin, mall) && question.mall_id == mall.id && mall.can_serve?(false, "Question", :manage)
      end      
#-------------------------------------------------------        
      can [:create], Answer do |answer|
        ( user.has_role?(:admin, mall) || user.has_role?(:user, mall) ) && mall.can_serve?(false, "Answer", :create)
      end
      can [:read, :incorrect_answers], Answer do |answer|
        answer.user_id == user.id && mall.can_serve?(false, "Answer", :read)
      end
#-------------------------------------------------------       
      can [:read], WatchingRecord do |rec|
        user.has_role?(:admin, rec.mall) || user.id == rec.user_id 
      end
#-------------------------------------------------------       
      can [:create], Category do |cat|
        user.has_role?(:admin, mall)
      end
      can [:manage], Category do |cat|
        user.has_role?(:admin, mall) && cat.mall_id == mall.id 
      end          
      can [:read] ,Category do |cat|
        user.has_role?(:admin, mall) 
      end
#-------------------------------------------------------  
      can [:manage, :close], Comment do |comment|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Comment", :manage)
      end
      can [:create], Comment do |comment|      
        product.accepts_user?(user, comment.commentable) && mall.can_serve?(false, "Comment", :create)  
      end

      can [:manage], Like do |l|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Comment", :manage) 
      end      
      can [:create], Like do |l|      
        mall.can_serve?(false, "Comment", :create)  
      end
#-------------------------------------------------------       
      can [:index], Payment do |p|
        user.has_role?(:admin, mall) || (user.has_role?(:mall_teacher, mall) && p.user_id == user.id)
      end
#-------------------------------------------------------     
      can [:read], Face do |face|
        (user.has_role?(:admin, mall) || user.id = face.user_id) && mall.can_serve?(false, "Face", :read)
      end
      can [:create], Face do |face|
        (user.has_role?(:admin, mall) || user.has_role?(:user, mall)) && mall.can_serve?(false, "Face", :create)
      end
      can [:destroy], Face do |face|
        (user.has_role?(:admin, mall) || user.id = face.user_id) && mall.can_serve?(false, "Face", :destroy)
      end      
#-------------------------------------------------------
      can [:manage], Group do |group|
        user.has_role?(:admin, mall) && mall.can_serve?(false, "Mall", :show)
      end 
#-------------------------------------------------------
      can [:create], UserQuestion do |quest|
        if product
          user.can_read_item?(quest.questionable, product) && mall.can_serve?(false, "Problem", :create)
        else
          mall.can_serve?(false, "Problem", :create)
        end
      end    
      can [:index, :update, :destroy], UserQuestion do |quest|
        (user.has_role?(:admin, mall) || user.id == quest.user_id) && mall.can_serve?(false, "Problem", :create)
      end

      can [:create], UserAnswer do |answer|
        mall.can_serve?(false, "Problem", :create)
      end    
      can [:index, :update, :destroy], UserAnswer do |answer|
        (user.has_role?(:admin, mall) || user.id == answer.user_id) && mall.can_serve?(false, "Problem", :create)
      end

    end
  end
end
需要 登录 后方可回复, 如果你还没有账号请 注册新账号