问题描述:

I have devise for authentication and i have to make specific users to have only view permission for that particular projects and create and read permission for the same user for different projects similarly the rest of the users should have permissions for projects. And this permission should be editable so that the user with role admin has to edit the permission for the users. How can i do this?

网友答案:

Ryan Bates' CanCan gem would answer most of your requirements. Check out the RailsCast episode on CanCan for a quick intro: http://railscasts.com/episodes/192-authorization-with-cancan

Not sure if it - off the shelf - provide for graphically editing the permissions, but I think it could be implemented with the available functionality in CanCan.

网友答案:

I don't have any experience with Rails but I guess, you are looking for an Object Level Permission which could be used to control the CRUD operation on individual objects for each User.

add_permission --> List of User
view_permission --> List of User
delete_permission --> List of User
update_permission --> List of User
add_excluded_user_permission --> List of User
view_excluded_user_permission --> List of User
delete_excluded_user_permission --> List of User
update_excluded_user_permission --> List of User

You may inherit following properties to you class which is mainly a list of User defined for a particular operation and then, you may consider creating an API which could be used to check a User against these permissions.

相关阅读:
Top