开发者

When using CanCan, how can I specify permissions for all subclasses of a given class?

开发者 https://www.devze.com 2023-02-06 23:01 出处:网络
In my model, I have a fair number of subclasses of the model Item. I would like to be able to specify that for a given role, their permissions for Item apply to all of the subclasses of Item without l

In my model, I have a fair number of subclasses of the model Item. I would like to be able to specify that for a given role, their permissions for Item apply to all of the subclasses of Item without listing them explicitly; if I add new Item subclasses I don't want to have to remember to update permissions. How can I achieve this?

For example, this permission

if user.role? :customer_service
   can :read, Item
end

does not allow a customer service rep to read开发者_如何学JAVA details of a Cabinet, where Cabinet < Item.


I think you could do this by sending a block to the can declaration. Perhaps like this:

if user.role? :cutomer_service
  can do |action, subject_class, subject|
    # Checks if action is :read and if subject_class is a subclass of Item
    action == :read && subject_class < Item
  end
end

I have not tested this, but I think it should work.

0

精彩评论

暂无评论...
验证码 换一张
取 消