开发者

declarative_authorization and /authorization_rules access problem

问答 作者:

i have configured to use authlogic and declarative_authorization and configured authorization_rules.rb. All is fine but on attemp to access localhost/authorization_rules i see "You are not allowed to access this action.". I've added 

has_permission_on :authorization_rules, :to => [:index, :show]

but nothing changed :( In logs i see

Processing AuthorizationRulesController#index (for 127.0.0.1 at 2010-05-08 14:00:01) [GET]
  Parameters: {"action"=>"index", "controller"=>"authorization_rules"}
  User Load (1.0ms)   SELECT * FROM "us开发者_C百科ers" WHERE ("users"."id" = 1) LIMIT 1
  SQL (1.8ms)   BEGIN
  User Update (0.6ms)   UPDATE "users" SET "updated_at" = '2010-05-08 10:00:01.443532', "perishable_token" = E'Narj4gmDdGiCuna9p_ht', "last_request_at" = '2010-05-08 10:00:01.440280' WHERE "id" = 1
  SQL (1.4ms)   COMMIT
  Role Load (1.3ms)   SELECT "roles".* FROM "roles" INNER JOIN "assignments" ON "roles".id = "assignments".role_id WHERE (("assignments".user_id = 1)) 
Permission denied: No matching rules found for read for #<User id: 1, login: "alec", email: "alec@alec-c4.com", crypted_password: "cb0af876f2ae63f40b82eb7b8eb24e1f739a3d80e6afd4e9e36...", password_salt: "SBdGRsh5roMoaYOANkHN", persistence_token: "e356eb5d39c032ca3088f2fe9868941f70c396a7ed7eb082028...", single_access_token: "nABARs1vURbXmp1Yuc6e", perishable_token: "Narj4gmDdGiCuna9p_ht", confirmed: true, active: true, activation_code: nil, activated_at: "2010-03-07 20:51:46", login_count: 9, failed_login_count: 0, last_request_at: "2010-05-08 10:00:01", current_login_at: "2010-04-09 18:38:24", last_login_at: "2010-04-06 20:03:25", current_login_ip: "127.0.0.1", last_login_ip: "127.0.0.1", friends_count: 0, created_at: "2010-03-07 20:51:20", updated_at: "2010-05-08 10:00:01"> (roles [:admin, :super_moderator, :news_moderator, :news_maker], privileges [:read], context :authorization_rules).
Filter chain halted as [:filter_access_filter] rendered_or_redirected.

any idea?

I use both authlogic and declarative_authorization in my application and it works fine for me.

In config/authorization_rules.rb I have:

authorization do
  role :guest do
    has_permission_on :roles, :to => :read
    has_permission_on :permissions, :to => :read # assignments in your case.
  end

  role :user do
    includes :guest
  end

  role :admin do
    has_permission_on :authorization_rules, :to => :read
    has_permission_on :authorization_usages, :to => :read    
  end
end

privileges do
  privilege :manage, :includes => [:create, :read, :update, :delete]
  privilege :read, :includes => [:index, :show]
  privilege :create, :includes => :new
  privilege :update, :includes => :edit
  privilege :delete, :includes => :destroy
end

Of cause my account has :user and :admin roles. My models are:

class Role < ActiveRecord::Base
  using_access_control

  attr_accessible :name

  has_many :permissions, :dependent => :destroy
  has_many :users, :through => :permissions, :uniq => true  
end

class Permission < ActiveRecord::Base
  using_access_control

  attr_accessible :role_id, :user_id

  belongs_to :user
  belongs_to :role
end

class User < ActiveRecord::Base
  has_many :permissions, :dependent => :destroy
  has_many :roles, :through => :permissions

  acts_as_authentic

  def role_symbols
    @role_symbols ||= (roles || []).map {|r| r.name.underscore.to_sym}
  end
end

If you properly configured declarative_authorization, you should have in your User model (or whatever model you use with authlogic) role_symbols method (btw not necessary exactly the same as in the example above):

At last my routes are:

suggest_change_authorization_rules GET    /authorization_rules/suggest_change(.:format)    {:controller=>"authorization_rules", :action=>"suggest_change"}
        change_authorization_rules GET    /authorization_rules/change(.:format)            {:controller=>"authorization_rules", :action=>"change"}
         graph_authorization_rules GET    /authorization_rules/graph(.:format)             {:controller=>"authorization_rules", :action=>"graph"}
               authorization_rules GET    /authorization_rules(.:format)                   {:controller=>"authorization_rules", :action=>"index"}
              authorization_usages GET    /authorization_usages(.:format)                  {:controller=>"authorization_usages", :action=>"index"}

And you should have ruby_parser gem installed.

Maybe it help you.

p.s: Весело писать по-английски, сидя в Москве, человеку, который тоже находится в Москве :)

继续阅读:authlogicdeclarative-authorizationruby-on-rails

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9