Permalink
Fetching contributors…
Cannot retrieve contributors at this time
49 lines (41 sloc) 1.43 KB
# derzeit genutzte Rollen:
# * ADMIN
# * EDITOR
# * APPROVER
# * USER
#
# Pfad-Zugriffsregeln
# Aufbau:
# path(<path>).grant[.method(<methode>)][.not][.role(<role>)][.extension(<ext_method>[, <expected_value>)]
# or
# path(<path>).deny[.method(<methode>)][.not][.role(<role>)][.extension(<ext_method>[, <expected_value>)]
# with
# <method>: HTTP-Method name as Symbol (:get, :put, :post, :delete) or :all
path('/').grant.method(:get)
path(:all).grant.role(:ADMIN)
path('/user/lock').deny.role(:USER).role(:APPROVER)
path('/statistic').grant.right(:STATISTIK_SHOW)
path('/special').grant.extension(:special?, :area1)
path('/pictures') do
grant.role(:admin)
deny.role(:guest)
end
#
# Model-Object-Zugriffsregeln
# Aufbau:
# model(<ModelClass>).grant.method(<access-method>)[.role(<role>)][.extension(<method>[, <expected_value>])]
# or
# model(<ModelClass>).deny.method(<access-method>)[.not][.role(<role>)][.extension(<method>[, <expected_value>])]
# or
# model(<ModelClass> do
# grant..method(<access-method>)[.role(<role>)][.extension(<method>[, <expected_value>])]
# deny.method(<access-method>)[.role(<role>)][.extension(<method>[, <expected_value>])]
# ...
# end
model(Dashboard).grant.method(:view)
model(Todo) do
grant.method(:view)
grant.method(:full_view).role(:ADMIN)
grant.method(:update).role(:EDITOR).extension(:owned_by?) # calls Todo.owned_by?(current_user)
grant-method(:delete).not.role(:ADMIN)
end