The third part, the permission design and the use of ACL plug-ins. The sense of this kind of permission design is also very mainstream.
Next, look at how the eol.org is implemented in terms of the permissions design, or what plug-ins are used.
User role design and rights management
The eol.org permission part uses the Acl_system plugin the plug-in, the address is as follows
Http://brainspl.at/articles/2006/02/20/new-plugin-acl_system
Mechanism is as follows:
A user can assign 0 or more roles
One or more controller can belong to a role
So, to ensure that permissions are properly restricted, you can achieve from the following aspects:
1. Ensure that users must log in to access specific action or contoller. Then just add the following statement at the beginning of the controller:
Ruby Code
Before_filter:check_authentication
This check is not a role-related check, but simply provides login restrictions.
2. To achieve specific user access to specific controller. Then you need to add the controller in the specified
Ruby Code
Access_control:D efault => ' role NAME GOES here '
This check will limit the controller read to the user's role, which is assigned to users. If you want to know more about the mechanism, you can consult the Readme documentation for the plugin (ACL_SYSTEM2) we use. The examples there are good.
3. The project also provides a convenient Controller/helper method for checking whether user is subordinate to a particular role or role group. ("Is_user_in_role?")
)
Ruby Code
Do_this_method_only_for_admins if Is_user_in_role? (' Administrator ')
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
