Screencast: Declarative Authorization
16.11.2009
Benutzer-Authorisierung wird in vielen, wenn nicht sogar in den meisten, Applikationen benötigt. Wie dies umgesetzt werden kann zeigt Ryan in seinem dieswöchigen Screencast.
Dowload:
Download (36.4 MB, 15:27)
Alternative download für iPod & Apple TV (21.6 MB, 15:27)
Resourcen:
- Declarative Authorization
- Rails Authorization Plugins
- Episode 160: Authologic
- Episode 17: HABTM Checkboxes
- Full Episode Source Code
Quellcode:
sudo rake gems:install
# config/environment.rb
config.gem "declarative_authorization", :source => "http://gemcutter.org"
# config/authorization_rules.rb
authorization do
role :admin do
has_permission_on [:articles, :comments], :to => [:index, :show, :new, :create, :edit, :update, :destroy]
end
role :guest do
has_permission_on :articles, :to => [:index, :show]
has_permission_on :comments, :to => [:new, :create]
has_permission_on :comments, :to => [:edit, :update] do
if_attribute :user => is { user }
end
end
role :moderator do
includes :guest
has_permission_on :comments, :to => [:edit, :update]
end
role :author do
includes :guest
has_permission_on :articles, :to => [:new, :create]
has_permission_on :articles, :to => [:edit, :update] do
if_attribute :user => is { user }
end
end
end
# application_controller.rb
before_filter { |c| Authorization.current_user = c.current_user }
protected
def permission_denied
flash[:error] = "Sorry, you are not allowed to access that page."
redirect_to root_url
end
# articles_controller.rb
filter_resource_access
<!-- articles/show.html.erb -->
<p>
<% if permitted_to? :edit, @article %>
<%= link_to "Edit", edit_article_path(@article) %> |
<% end %>
<% if permitted_to? :destroy, @article %>
<%= link_to "Destroy", @article, :method => :delete, :confirm => "Are you sure?" %> |
<% end %>
<%= link_to "Back to Articles", articles_path %>
</p>
...
<p>
<% if permitted_to? :edit, comment %>
<%= link_to "Edit", edit_comment_path(comment) %>
<% end %>
<% if permitted_to? :destroy, comment %>
| <%= link_to "Destroy", comment, :method => :delete, :confirm => "Are you sure?" %>
<% end %>
</p>
<!-- articles/index.html.erb -->
<% if permitted_to? :create, Article.new %>
<p><%= link_to "New Article", new_article_path %></p>
<% end %>
Eingestellt am 16.11.2009 um 15:00
Kategorie: Tutorials
Suchen auf rubyonrails.de
Tags
2.0 Action Active-Record ActiveRecord Ajax Buch Capistrano Enterprise Event Formulare Gewinnspiel Grundlagen IDE irb jQuery Kochbuch Konferenz Mac OpenRoRBook OReilly OSX Passenger Phusion Plugin PragProgs Rails Rails 3 RailsWayCon Release Release Candidate Routing Ruby Ruby 1.9 RubyGems rubyonrails.de Ryan Bates Scaffolding Screencast Script-Tip Security Tutorial Upgrade Video Views WindowsAktuelle Artikel
- Alle Links zu Rails 3
- Rails 3 Upgrade Handbook PDF
- Ruby on Rails 3: Moderne Webentwicklung mit Ruby
- Rails 3.0 ist fertig
- Screencast: Polling nach Aktualisierungen
- Screencast: Sortierbare Tabellen
- Subversion und .svn Verzeichnisse finden und löschen
- Screencast: Upgrade auf Rails 3 Teil 3
- Screencast: Upgrade auf Rails 3 Teil 2
- Screencast: Upgrade auf Rails 3 Teil 1
Artikel Archiv
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- May 2009
- April 2009
- March 2009
- February 2009
- December 2008
- November 2008
- August 2008
- July 2008
- June 2008
- May 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
Aktuelle Rails Version + Abhängigkeiten:
Gem rails-3.0.0actionmailer (= 3.0.0, runtime)
actionpack (= 3.0.0, runtime)
activerecord (= 3.0.0, runtime)
activeresource (= 3.0.0, runtime)
activesupport (= 3.0.0, runtime)
bundler (~> 1.0.0, runtime)
railties (= 3.0.0, runtime)
Rails auf Rubyforge
Rails auf Github