[英]declarative_authorization and /authorization_rules access problem
我已經配置為使用authlogic和declarative_authorization並配置了authorization_rules.rb。 一切都很好,但是嘗試訪問localhost / authorization_rules時,我看到“不允許您訪問此操作。”。 我已經添加
has_permission_on :authorization_rules, :to => [:index, :show]
但沒有任何改變:(在日志中,我看到了
Processing AuthorizationRulesController#index (for 127.0.0.1 at 2010-05-08 14:00:01) [GET]
Parameters: {"action"=>"index", "controller"=>"authorization_rules"}
User Load (1.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1) LIMIT 1
SQL (1.8ms) BEGIN
User Update (0.6ms) UPDATE "users" SET "updated_at" = '2010-05-08 10:00:01.443532', "perishable_token" = E'Narj4gmDdGiCuna9p_ht', "last_request_at" = '2010-05-08 10:00:01.440280' WHERE "id" = 1
SQL (1.4ms) COMMIT
Role Load (1.3ms) SELECT "roles".* FROM "roles" INNER JOIN "assignments" ON "roles".id = "assignments".role_id WHERE (("assignments".user_id = 1))
Permission denied: No matching rules found for read for #<User id: 1, login: "alec", email: "alec@alec-c4.com", crypted_password: "cb0af876f2ae63f40b82eb7b8eb24e1f739a3d80e6afd4e9e36...", password_salt: "SBdGRsh5roMoaYOANkHN", persistence_token: "e356eb5d39c032ca3088f2fe9868941f70c396a7ed7eb082028...", single_access_token: "nABARs1vURbXmp1Yuc6e", perishable_token: "Narj4gmDdGiCuna9p_ht", confirmed: true, active: true, activation_code: nil, activated_at: "2010-03-07 20:51:46", login_count: 9, failed_login_count: 0, last_request_at: "2010-05-08 10:00:01", current_login_at: "2010-04-09 18:38:24", last_login_at: "2010-04-06 20:03:25", current_login_ip: "127.0.0.1", last_login_ip: "127.0.0.1", friends_count: 0, created_at: "2010-03-07 20:51:20", updated_at: "2010-05-08 10:00:01"> (roles [:admin, :super_moderator, :news_moderator, :news_maker], privileges [:read], context :authorization_rules).
Filter chain halted as [:filter_access_filter] rendered_or_redirected.
任何想法?
我在我的應用程序中同時使用了authlogic和clarification_authorization,它對我來說很好用。
在config / authorization_rules.rb中,我有:
authorization do
role :guest do
has_permission_on :roles, :to => :read
has_permission_on :permissions, :to => :read # assignments in your case.
end
role :user do
includes :guest
end
role :admin do
has_permission_on :authorization_rules, :to => :read
has_permission_on :authorization_usages, :to => :read
end
end
privileges do
privilege :manage, :includes => [:create, :read, :update, :delete]
privilege :read, :includes => [:index, :show]
privilege :create, :includes => :new
privilege :update, :includes => :edit
privilege :delete, :includes => :destroy
end
原因是我的帳戶具有:user和:admin角色。 我的模型是:
class Role < ActiveRecord::Base
using_access_control
attr_accessible :name
has_many :permissions, :dependent => :destroy
has_many :users, :through => :permissions, :uniq => true
end
class Permission < ActiveRecord::Base
using_access_control
attr_accessible :role_id, :user_id
belongs_to :user
belongs_to :role
end
class User < ActiveRecord::Base
has_many :permissions, :dependent => :destroy
has_many :roles, :through => :permissions
acts_as_authentic
def role_symbols
@role_symbols ||= (roles || []).map {|r| r.name.underscore.to_sym}
end
end
如果正確配置了declarative_authorization,則應該在User模型(或與authlogic一起使用的任何模型)中使用role_symbols方法(但不必與上面的示例完全相同):
最后,我的路線是:
suggest_change_authorization_rules GET /authorization_rules/suggest_change(.:format) {:controller=>"authorization_rules", :action=>"suggest_change"}
change_authorization_rules GET /authorization_rules/change(.:format) {:controller=>"authorization_rules", :action=>"change"}
graph_authorization_rules GET /authorization_rules/graph(.:format) {:controller=>"authorization_rules", :action=>"graph"}
authorization_rules GET /authorization_rules(.:format) {:controller=>"authorization_rules", :action=>"index"}
authorization_usages GET /authorization_usages(.:format) {:controller=>"authorization_usages", :action=>"index"}
並且您應該已經安裝了ruby_parser gem。
也許對您有幫助。
ps:Веселописатьпо-английски,сидявМоскве,человеку,которыйтоженаходитсявМоскве:)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.