How do I create custom authorization rules to a particular action in a controller in Rails 3?
I have a User model, but I would like another model (Client
) to have unique authorization access to a particular ac开发者_开发知识库tion of another controller.
I do not want the Client model to access an action in the Client
controller. I want the Client
model to access the compare
action of the stages
controller.
How do I do that ?
Edit1: I should have specified. I have devise & decl_auth already installed. But devise & decl_auth are managing my Users
. I need to have more authorization rules for another model outside of the Users
model.
If you set up CanCan, this should be a fairly easy thing to do. Here's a link to the RailsCast showing how something like this can be done, http://railscasts.com/episodes/192-authorization-with-cancan.
Extensive docs are here: https://github.com/ryanb/cancan/wiki
精彩评论