我正在编写 API,我需要向 api 用户公开所有可用的权限以及 id 和其他信息。
我有以下结构
class User < ApplicationRecord
has_many :permissions, dependent: :destroy
end
class Permission < ApplicationRecord
belongs_to :user, dependent: :destroy
end
而且我有能力
class Ability
include CanCan::Ability
def initialize(user)
user_permissions(user)
dynamic_permissions(user)
end
def user_permissions(user)
can :manage, :dashboard if user.admin?
end
def dynamic_permissions(user)
user.permissions.each do |permission|
#...
next branch_permissions(permission) if permission.subject_class == 'branch'
end
end
def branch_permissions(permission)
can permission.action.to_sym, Branch, id: permission.allowed_ids
end
并且在控制器中我想获得该用户可能的所有权限=>
cancannot所以我希望以下内容能够以cancancan的方式完成,提供伪代码
Ability.new(User.find(params[:id]).dynamic_permissions =>
# {:can=>{:manage=>{"dashboard"=>[]}, :read=>{"Branch"=>['id1', 'id2']}, :index=>{"Branch"=>['id1', 'id2']}, :show=>{"Branch"=>['id1', 'id2']}}, :cannot=>{}}
当前
#permissions{:can=>{:manage=>{"dashboard"=>[]}, :read=>{"Branch"=>[]}, :index=>{"Branch"=>[]}, :show=>{"Branch"=>[]}}, :cannot=>{}}
我知道我可以修改和编写自定义方法来获取所有这些,但我想知道实现此目的的公认方法是什么。
好吧,其实很简单。阅读资源有帮助。
def branch_permissions(permission)
can permission.action.to_sym, Branch, id: permission.allowed_ids
end
此代码应更改为
def branch_permissions(permission)
can permission.action.to_sym, Branch, id: permission.allowed_ids.map(&:to_sym)
end
此方法 parse_attributes_from_extra_args 会将符号视为内部状态的属性,然后在权限中将按我的预期显示这一点。您可以将这些符号序列化为字符串然后
# Ability.new(User.find(params[:id]).permissions
=> {:can=>{:manage=>{"dashboard"=>[]}, :read=>{"Branch"=>[:id1, :id2]}, :index=>{"Branch"=>['id1', 'id2']}, :show=>{"Branch"=>[:id1', :id2]}}, :cannot=>{}}