search

chaps-io / access-granted

Multi-role and whitelist based authorization gem for Rails (and not only Rails!)
MIT License
774 stars 41 forks source link

WIP: Scopes for roles #33

Closed badlamer closed 5 years ago

badlamer commented 8 years ago

Create scopes and resolvers for roles. What do you think of it?

There is no way to write tests.

pokonski commented 8 years ago

Can you show an example what's it about and why do you think AG needs it? The code doesn't say much.

There is no way to write tests.

There is always a way :)

badlamer commented 8 years ago

Example. This for different object scopes for different user roles.

class MemberRole < AccessGranted::Role
  def configure
    can :create, Post
    can :destroy, Post do |post, user|
      post.author == user
    end

    scope :my_posts, Post do |criteria, user|
      criteria.where(author_id: user.id)
    end
  end
end

class AdminRole < AccessGranted::Role
   scope :my_posts, Post # empty scope, all objects
end

class PostsController
  def show
    @posts = resolve :my_posts, Post.where(published: true) # support base object or criteria
  end
end
badlamer commented 8 years ago

Made like this, but for different roles.

badlamer commented 8 years ago

ping @pokonski