我正在使用Rails 4应用程序中的简单授权。每个用户都有一个角色;然后我设置了他们可以访问的页面,例如:
AUTH_MODERATOR_DEFINITIONS = {"articles" => "index",
"readers" => "index"}
然后,在控制器动作中,我将调用:
def index
check_permissions(current_admin)
...
end
在ApplicationController:
def check_permissions(current_admin)
if current_admin.role == 1 # for moderators
# find a pair key-vale AUTH_DISPATCHER_DEFINITIONS that matches `params[:controller]` and `params[:action]
else
redirect_to root_path, :alert => "No permission"
end
end
但是如何根据关键的AND值搜索哈希?
提前谢谢。
答案 0 :(得分:1)
您可以这样做:
key = params[:controller]
value= params[:action]
p is_permitted = (AUTH_MODERATOR_DEFINITIONS[key] == value)
但是,我认为您可能会在某个时刻将哈希值中的值修改为数组,因为控制器不太可能只有一个操作,因此用户可以访问多个操作。例如:
AUTH_MODERATOR_DEFINITIONS = {
"articles" => "index",
"readers" => "index",
"commenters" => ["index","new","update"] # Added by me to show possible use case
}
考虑到上述情况,我认为你可以做这样的事情。这将适用于两种情况(您的示例,以及我对该示例的扩展)
key = params[:controller]
value= params[:action]
p is_permitted = [AUTH_MODERATOR_DEFINITIONS[key]].flatten.include?(value)