rails-engine / role_core
🔐 A Rails engine providing essential industry of Role-based access control.
License: MIT License
DEPRECATION WARNING: Passing the coder as positional argument is deprecated and will be removed in Rails 7.2.
Please pass the coder as a keyword argument:
serialize :permissions, coder: #<Class:0x00007f9662d92ec0>
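Reporting a problem:
7f8f88025d6e5a6dc34e5fa8c1ff7ef24e2ef4b7
psych 4.0.3, which this version pulls in,
causes the error `visit_Psych_Nodes_Alias': Unknown alias: redis (Psych::BadAlias).
With this error, aliases in YAML cannot be parsed properly.
The error is raised whenever a YAML file contains syntax like the following: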
redis: &redis
  redis_host: 127.0.0.1
  redis_port: 6379
development:
  <<: *redis
staging:
  <<: *redis
ruby: 2.7.5
rails: 6.1.4
The current workaround is to reference the gems in the Gemfile like this:
gem "role_core", github: "rails-engine/role_core", ref: "8578d64"
gem "psych", "~> 3.3.2"
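The error in the report above comes from Psych 4 making `YAML.load` behave like `safe_load`, which rejects aliases unless they are enabled. The following is an added example, not code from the role_core project or the reporter: it shows that `aliases: true` lets the reported config load while object tags stay rejected. The `Gadget` tag and the helper names are constructed for illustration.

```ruby
require "yaml"

# Constructed sample: the config from the report, indentation restored.
CONFIG = <<~YAML
  redis: &redis
    redis_host: 127.0.0.1
    redis_port: 6379
  development:
    <<: *redis
  staging:
    <<: *redis
YAML

# Constructed sample: a document asking the parser to build a Ruby object.
# "Gadget" is a hypothetical class name.
OBJECT_DOC = "--- !ruby/object:Gadget\nname: x\n"

# Outcome of a restricted load: :ok, :bad_alias or :disallowed_class.
def safe_load_outcome(src, aliases:)
  YAML.safe_load(src, aliases: aliases)
  :ok
rescue Psych::BadAlias
  :bad_alias
rescue Psych::DisallowedClass
  :disallowed_class
end

# Load one environment's settings with aliases enabled; safe_load still
# builds only plain hashes, arrays and scalars.
def load_config(src, env)
  YAML.safe_load(src, aliases: true).fetch(env)
end

if $PROGRAM_NAME == __FILE__
  p safe_load_outcome(CONFIG, aliases: false)
  p safe_load_outcome(CONFIG, aliases: true)
  p safe_load_outcome(OBJECT_DOC, aliases: true)
  p load_config(CONFIG, "staging")
end
```

Enabling aliases at the call site that reads the config keeps the restricted loader in place, whereas pinning psych to 3.x leaves `YAML.load` able to instantiate arbitrary tagged objects.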
In one controller, some actions exist to serve the page's autocomplete plugin, for example the following search that returns supplier names:
# cancancan definitions
load_and_authorize_resource
skip_authorization_check :only => :check_purchase_supplier
def check_purchase_supplier
  @purchase_supplier = PurchaseSupplier.search_name(params[:term]).map(&:name)
  render json: @purchase_supplier
end
After adopting role_core, the back-end page receives the JSON, but it is cut off and a 302 redirect is issued:
Started GET "/expense/get_expense_type?term=+" for ::1 at 2020-11-04 21:48:40 +0800
Processing by ExpenseController#get_expense_type as JSON
Parameters: {"term"=>"浙江"}
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT $2 [["id", 1], ["LIMIT", 1]]
↳ app/helpers/session_helper.rb:8:in `current_user'
Role Load (0.5ms) SELECT "roles".* FROM "roles" INNER JOIN "role_assignments" ON "roles"."id" = "role_assignments"."role_id" WHERE "roles"."type" = $1 AND "role_assignments"."user_id" = $2 [["type", "Role"], ["user_id", 1]]
↳ app/models/user.rb:24:in `map'
Redirected to http://localhost:3000/
Completed 302 Found in 26ms (ActiveRecord: 0.7ms | Allocations: 14019)
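So far I have found that adding check_purchase_supplier
to config/initializers/role_core.rb
and then granting it to the role lets the request pass authorization, but there are many similar controllers, and this kind of common behaviour should not have to be configured repeatedly in multiple places.
Is there perhaps another solution that I have not found?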
It seems that the type column in roles table is set to 'Role' automatically. And when querying for roles, there is "roles.type in ('Role')" in the where clause. I wonder why you set the column
Using user has single role
#<Role:0x00000001067e6ab0
id: 1,
name: "Admin",
permissions: #<Global:OptionsModel {:admin=>{:list_user=>true}}>,
type: "Role",
created_at: Fri, 18 Mar 2022 04:14:04.399774000 UTC +00:00,
updated_at: Fri, 18 Mar 2022 04:14:04.401617000 UTC +00:00>
require "role_core/contrib/can_can_can_permission"
RoleCore.permission_class = RoleCore::CanCanCanPermission
RoleCore.permission_set_class.draw do
  group :admin, subject: :manage_users do
    permission :list_user, action: :index
  end
end.finalize!
def index
  authorize! :index, :manage_users
  @users = User.all
  render json: @users
end
authorize! :index, :manage_users, raise exception "exception": "#<NoMethodError: undefined method `_namespace' for :manage_users:Symbol>",
Note: I see the difference lately is @options, for previous versions @options={} instead of @options={:_namespace=>[:admin], :_priority=>0, :_callable=> true}
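For example, StatisticController has an orders action.
It is defined in role_core.rb like this:
group :statistic do
  permission :orders
end
Presumably the model_name option has not been configured.
The question now is: how do I configure permissions for a controller that has no model?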
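After modifying and saving a role's permissions, opening the edit page again raises an error; the result is as follows:
Users and roles are has_many to has_many.
cancancan is used.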
ActionView::Template::Error (unknown keyword: permitted_classes):
23: </div>
24: </div>
25: <div class="col-md-12">
26: <%= render partial: "permissions", locals: {f: f, name: :permissions_attributes, permissions: role.permissions} %>
27: </div>
28: </div>
29: </div>
It's a tiny issue.
I have a Users, Role Assignments and Roles table. I had created roles 'Admin', 'Integrator' with certain initial permissions Create, Edit, Destroy (defined inside config/initializers/role_core.rb).
Please help. Thanks in advance!
If I use a block of this form and then fetch the projects I published myself, this appears:
The accessible_by call cannot be used with a block 'can' definition.The SQL cannot be determined for :index Project
@projects = Project.accessible_by(current_ability)
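permission :read_own, action: :read do |user, project|
  user.id == project.user_id # compare the ids; `=` would assign and always be truthy
end
According to the cancan wiki, it seems this form has to be used instead:
permission :read_own, action: :read, user_id: user.id
But in role_core.rb there seems to be no way to pass user in.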
I am facing an issue with updating permissions through raw sql query, as the data in database gets updated but not reflected through active record
Steps to reproduce:
INSERT INTO roles
(name, type, created_at, updated_at)
VALUES ('Test1', 'Role', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);
UPDATE roles
SET permissions='{"users": {"manage": false}', updated_at = CURRENT_TIMESTAMP
WHERE id = 1;
4 role = Role.last in rails console
#<Role id: 4, name: "Test1", permissions: #<Global:OptionsModel {:users=>{:manage=>true} >, type: "Role", created_at: "2018-06-22 20:24:56", updated_at: "2018-06-22 20:25:22">
Rails 5.2.1
ruby 2.3.6p384
Steps to reproduce:
rails new TestApp
rails g scaffold posts title:string
rake db:migrate succeeds.
Add role_core to the Gemfile
rake db:migrate
rake aborted!
NoMethodError: undefined method `force_equality?' for #<ActiveModel::Type::String:0x00005595c4650018>
/home/leo/.rbenv/versions/2.3.6/lib/ruby/gems/2.3.0/gems/activerecord-5.2.1/lib/active_record/relation/predicate_builder.rb:55:in `build'
/home/leo/.rbenv/versions/2.3.6/lib/ruby/gems/2.3.0/gems/activerecord-5.2.1/lib/active_record/relation/predicate_builder.rb:111:in `block in expand_from_hash'
Could you provide a step by step installation or video about it? After all, you did a great job. Congratulations.
It seems that the "type" column in roles table is set to 'Role' automatically. And when querying for roles, there is "roles.type in ('Role')" in the where clause. I wonder why you do it that way and how you do it. I am not able to find any clue in the repo.