开发者

Rails object based permission/authorization engine?

开发者 https://www.devze.com 2022-12-23 00:59 出处:网络
I want to add \"Sharing documents\" feature to my app, like in google documents service. As i see: User can:

I want to add "Sharing documents" feature to my app, like in google documents service. As i see:

User can:

  • can list/view/create/edit/delete own documents
  • share own document to everyone - its a public document
  • share own document to another user with read-only access
  • share own document to another user 开发者_运维百科with read-write access
  • view list of own documents and users to whom he gave permission to read and write
  • view list of foreign documents
  • view/edit foreign document with read/write permissions

Please tell me, which permission/authorization solution is preffered for my task?


You can look at some authorization plugins available here:

http://www.ruby-toolbox.com/categories/rails_authorization.html

As for object level authorization/permission, it looks like canable can do this:

http://github.com/jnunemaker/canable

From the example in the readme:

class Article
  include MongoMapper::Document
  include Canable::Ables
  userstamps! # adds creator and updater

  def updatable_by?(user)
    creator == user
  end

  def destroyable_by?(user)
    updatable_by?(user)
  end
end

You could also define a viewable_by? method. You would still need some kind of permission fields or association on the document model, but after that you could use canable to simplify authorization in your controller/views.

0

精彩评论

暂无评论...
验证码 换一张
取 消