Simply add
access-granted to your Gemfile:gem 'access-granted', '~> 1.0.0'
then bundle and run the generator to create your starter AccessPolicy:
rails generate access_granted:policy
which you can find in
app/policies/access_policy.rb.
Forums are a good showcase of user hierarchy I mentioned above, because they usually need a hierarchical permission system based on the following roles:
- moderators
- registered users
- guests
The order in which roles are sorted is also the order of importance. The moderator is the role with the most permissions and the guest is the role with the least.
In Access Granted roles are defined in the same, top-to-bottom, order:
class AccessPolicy
include AccessGranted::Policy
def configure
role :moderator, proc { |user| user.moderator? } do
# permissions will go here
end
role :member, proc { |user| user.registered? } do
# permissions will go here
end
role :guest do
# permissions will go here
end
end
end
Every role has a name and an optional predicate to check if it’s active for the user.
Note: Above you can see me using
.moderator? and .registered? methods inside the Procs - these are app-specific and may come from, for example, ActiveRecord::Enum module.More at
https://blog.chaps.io/2015/11/13/role-based-authorization-in-rails.html
No comments:
Post a Comment