我已配置为使用authlogic和declarative_authorization并配置了authorization_rules.rb。一切都很好,但在尝试访问localhost / authorization_rules时,我看到“您不能访问此操作。”。我添加了
has_permission_on :authorization_rules, :to => [:index, :show]
但没有改变:(在日志中我看到了
Processing AuthorizationRulesController#index (for 127.0.0.1 at 2010-05-08 14:00:01) [GET]
Parameters: {"action"=>"index", "controller"=>"authorization_rules"}
User Load (1.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1) LIMIT 1
SQL (1.8ms) BEGIN
User Update (0.6ms) UPDATE "users" SET "updated_at" = '2010-05-08 10:00:01.443532', "perishable_token" = E'Narj4gmDdGiCuna9p_ht', "last_request_at" = '2010-05-08 10:00:01.440280' WHERE "id" = 1
SQL (1.4ms) COMMIT
Role Load (1.3ms) SELECT "roles".* FROM "roles" INNER JOIN "assignments" ON "roles".id = "assignments".role_id WHERE (("assignments".user_id = 1))
Permission denied: No matching rules found for read for #<User id: 1, login: "alec", email: "alec@alec-c4.com", crypted_password: "cb0af876f2ae63f40b82eb7b8eb24e1f739a3d80e6afd4e9e36...", password_salt: "SBdGRsh5roMoaYOANkHN", persistence_token: "e356eb5d39c032ca3088f2fe9868941f70c396a7ed7eb082028...", single_access_token: "nABARs1vURbXmp1Yuc6e", perishable_token: "Narj4gmDdGiCuna9p_ht", confirmed: true, active: true, activation_code: nil, activated_at: "2010-03-07 20:51:46", login_count: 9, failed_login_count: 0, last_request_at: "2010-05-08 10:00:01", current_login_at: "2010-04-09 18:38:24", last_login_at: "2010-04-06 20:03:25", current_login_ip: "127.0.0.1", last_login_ip: "127.0.0.1", friends_count: 0, created_at: "2010-03-07 20:51:20", updated_at: "2010-05-08 10:00:01"> (roles [:admin, :super_moderator, :news_moderator, :news_maker], privileges [:read], context :authorization_rules).
Filter chain halted as [:filter_access_filter] rendered_or_redirected.
任何想法?
答案 0 :(得分:0)
我在我的应用程序中使用authlogic和declarative_authorization,它对我来说很好。
在config / authorization_rules.rb中我有:
authorization do
role :guest do
has_permission_on :roles, :to => :read
has_permission_on :permissions, :to => :read # assignments in your case.
end
role :user do
includes :guest
end
role :admin do
has_permission_on :authorization_rules, :to => :read
has_permission_on :authorization_usages, :to => :read
end
end
privileges do
privilege :manage, :includes => [:create, :read, :update, :delete]
privilege :read, :includes => [:index, :show]
privilege :create, :includes => :new
privilege :update, :includes => :edit
privilege :delete, :includes => :destroy
end
原因我的帐户有:user和:admin角色。我的模特是:
class Role < ActiveRecord::Base
using_access_control
attr_accessible :name
has_many :permissions, :dependent => :destroy
has_many :users, :through => :permissions, :uniq => true
end
class Permission < ActiveRecord::Base
using_access_control
attr_accessible :role_id, :user_id
belongs_to :user
belongs_to :role
end
class User < ActiveRecord::Base
has_many :permissions, :dependent => :destroy
has_many :roles, :through => :permissions
acts_as_authentic
def role_symbols
@role_symbols ||= (roles || []).map {|r| r.name.underscore.to_sym}
end
end
如果你正确配置了declarative_authorization,你应该在你的用户模型中(或者你使用authlogic的任何模型) role_symbols 方法(顺便说一下,上面的例子中没有必要完全相同):
最后我的路线是:
suggest_change_authorization_rules GET /authorization_rules/suggest_change(.:format) {:controller=>"authorization_rules", :action=>"suggest_change"}
change_authorization_rules GET /authorization_rules/change(.:format) {:controller=>"authorization_rules", :action=>"change"}
graph_authorization_rules GET /authorization_rules/graph(.:format) {:controller=>"authorization_rules", :action=>"graph"}
authorization_rules GET /authorization_rules(.:format) {:controller=>"authorization_rules", :action=>"index"}
authorization_usages GET /authorization_usages(.:format) {:controller=>"authorization_usages", :action=>"index"}
你应该安装ruby_parser gem。
也许对你有所帮助。
p.s:Веселописатьпо-английски,сидявМоскве,человеку,которыйтоженаходитсявМоскве:)