我正在按照本教程http://blog.endpoint.com/2012/01/ruby-on-rails-rights-attributes.html为我的rails4应用程序设置授权机制。
我已创建数据模型但不管理(从控制台)获取用户的权限(通过all_rights方法)。
在用户模型中,User对象如何通过RightAssignment调用“self.rights”作为权限,而不是直接来自User?
我的模特:
class User < ActiveRecord::Base
has_many :right_assignments, as: :subject
has_and_belongs_to_many :groups
has_and_belongs_to_many :roles
def all_rights
rights = [self.rights +
self.groups.collect { |g| g.allowed_rights } +
self.roles.collect { |r| r.rights }]
rights = rights.flatten.uniq.collect { |r| r.action }
rights
end
end
class Group < ActiveRecord::Base
has_many :right_assignments, as: :subject
has_and_belongs_to_many :users
def allowed_rights
self.assignable_rights ? self.rights : []
end
end
class Role < ActiveRecord::Base
has_many :right_assignments, as: :subject
has_and_belongs_to_many :users
end
class RightAssignment < ActiveRecord::Base
belongs_to :right
belongs_to :subject, polymorphic: true
end
class Right < ActiveRecord::Base
has_many :right_assignments
end
有什么想法吗?
答案 0 :(得分:1)
您可以使用:through
class User < ActiveRecord::Base
has_many :right_assignments, as: :subject
has_many :rights, :through => :right_assignments
has_and_belongs_to_many :groups
has_and_belongs_to_many :roles