开发者

Declarative authorization with nested resources

开发者 https://www.devze.com 2023-02-05 07:36 出处:网络
I\'m coming here as a last resort, tried everything.Its just not working. So here goes. Here is my authorization code:

I'm coming here as a last resort, tried everything.Its just not working. So here goes.

Here is my authorization code:

role :department_admin do
#Department has many users through designations  
  has_permission开发者_如何转开发_on [:departments], :to => [:manage] do
    if_attribute :designations => contains {user.designation}
  end
  has_permission_on :users, :to => [:read]
  has_permission_on :users, :to => [:create, :update, :destroy] do
    if_permitted_to :manage, :department
  end

My Controller code for departments:

filter_resource_access
#and the rest

And in users_controller :

filter_resource_access :nested_in => :departments
# and the rest

I'm trying to follow the pattern used in the example app given on the declarative_authorization github page, but in vain.

So with this configuration when I try to create a new user

I get

Couldn't find Department without an ID

Any head's up or a tip could really help.

0

精彩评论

暂无评论...
验证码 换一张
取 消