Mark Kenny
Reputation: 1648
declarative authorization has_(not)_permission_on
I have a (relatively) large rails app which uses declarative authorization for role based permissions. Admin users currently have the following permissions:
role :administrator do
has_omnipotence
end
I need to add a higher role (root) which can exclusively have permissions on certain actions.
The obvious thing to do is to get rid of has_omnipotence from the administrator role block and manually add all permissions on all controllers but root_accounts, but this is painful. Is there a way that I could do something like the following?
role :root do
has_permission_on [:root_accounts], :to => [:new, :create ... ]
end
role :administrator do
has_omnipotence {except [:root_accounts], :to => [:new, :create ...]}
end
Upvotes: 0
Views: 114
Answers (1)
xiangxin
Reputation: 409
There's no such syntax. But you can check for a specific role in your view/controller:
<% unless has_role?(:administrator) %>
<%= link_to 'New root account', new_root_account_path %>
<% end %>
or
def create
permission_denied if has_role?(:administrator)
...
end
It's not very scalable tho.
Upvotes: 0
Related Questions
- how to use declartive_Authorization in rails engine
- declarative_authorization Gem not working on JSON/XML requests
- declarative_authorization Authorization.current_user error
- Why does declarative_authorization break the functionality of my controller? - Rails 3
- declarative_authorization permissions on roles
- declarative_authorization and user context
- Declarative Authenication, Unable to register user
- undefined local variable or method `role' for User:
- All permissions with declarative_authorization
- declerative_authorization on User problem