Declarative authorization and the if_attribute not working_问答_开发者

Declarative authorization and the if_attribute not working

开发者 https://www.devze.com 2023-01-02 06:22 出处：网络

I\'ve been having almost the same issues as Victor Martin (you can see the questions asked here). I\'ve got declarative authorization working for just about everything that doesn\'t involve using con

I've been having almost the same issues as Victor Martin (you can see the questions asked here).

I've got declarative authorization working for just about everything that doesn't involve using conditionals. E.g.

has_permis开发者_运维问答sion_on :users, :to => [:edit, :update, :destroy] do
if_attribute :user => is { current_user }
end

Are there any common pitfalls with Declarative Authorization? I'm using authlogic and I'm suspicious the 'current_user' method in the application controller might be the source of the problem.

Note that if you are using "filter_access_to" in your controllers, you need to make sure you have ":attribute_check => true". Without it, the conditional "if_attribute" declarations don't do anything.

More details about this in the Declarative Authorization docs

You need to add this to your ApplicationController if you haven't already:

before_filter :set_current_user
protected
def set_current_user
  Authorization.current_user = current_user
end

Then your rules would look like this:

has_permission_on :users, :to => [:edit, :update, :destroy] do
  if_attribute :user => is { user }
end

As far as I know declarative_authorization doesn't call any methods on the crontroller and doesn't know what current_user means in your example, but it give's you an instance of Authorization.current_user called user that you can use in your authorization_rules.rb file.