发表新帖
发表新帖

Get a string that represents a user's CanCan abilities

前端 未结
关注
2 1706
名媛妹妹
名媛妹妹 2021-02-01 10:07

I want to cache a Post view, but the view depends on the permissions of the current user (e.g., I only show the \"edit\" link if current_user.can?(:edit, @pos

相关标签:
2条回答
  • 遥遥无期
    2021-02-01 10:26

    I wanted to send my abilities to JS, and to follow up on this post, here's my helper method that you can use to convert your user abilities to an array in your controller. I then call .to_json on the array an pass it to javascript.

    def ability_to_array(a)
  a.instance_variable_get("@rules").collect{ |rule| 
  { 
    :subject => rule.instance_variable_get("@subjects").map { |s| s.name }, 
    :actions => rule.instance_variable_get("@actions").map { |a| a.to_s }
  }
}
end

    And here's my Backbone.js model that implements the can() method:

    var Abilities = Backbone.Model.extend({
  can : function(action, subject)
  {
    return _.some(this.get("abilities"), function(a) {
      if(_.contains(a["actions"], "manage") && _.contains(a["subject"], "all")) return true;
      return _.contains(a["actions"], action) && _.contains(a["subject"], subject);
    });
   }
});
    0 讨论(0)
  • 时光取名叫无心
    2021-02-01 10:31

    EDIT: revised for CanCanCan

    As of version 1.12 of CanCanCan (the community continuation of CanCan), Ability.new(user).permissions returns a hash with all permissions for the given user.

    Previous answer (CanCan):

    This might be a little complex...but here it goes..

    If you pass the specified User into the Ability model required by CanCan, you can access the definition of that users role using instance_variable_get, and then break it down into whatever string values you want from there..

    >> u=User.new(:role=>"admin")
>> a=Ability.new(u)
>> a.instance_variable_get("@rules").collect{ 
      |rule| rule.instance_variable_get("@actions").to_s
   }
=> ["read", "manage", "update"]

    if you want to know the models in which those rules are inflicted upon, you can access the @subjects instance variable to get its name..

    here is the model layout for Ability from which I worked with (pp)

    Ability:0x5b41dba @rules=[
  #<CanCan::Rule:0xc114739 
    @actions=[:read], 
    @base_behavior=true, 
    @conditions={}, 
    @match_all=false, 
    @block=nil, 
    @subjects=[
      User(role: string)]>, 
  #<CanCan::Rule:0x7ec40b92 
    @actions=[:manage], 
    @base_behavior=true, 
    @conditions={}, 
    @match_all=false, 
    @block=nil, 
    @subjects=[
      Encounter(id: integer)]>, 
  #<CanCan::Rule:0x55bf110c 
    @actions=[:update], 
    @base_behavior=true, 
    @conditions={:id=>4}, 
    @match_all=false, 
    @block=nil, 
    @subjects=[
      User(role: string)]>
]
    0 讨论(0)
 看不清?
提交回复
热议问题