Rails 4 authorization gem

Question

I am looking for an authorization gem for Rails 4. I used cancan before, but it looks outdated nowadays...

I found the_role here: https://github.com/the-teacher/the_role. It is nearly what I want, but it has a few annoying issues. Maybe similar gems exist? I need roles, roles stored in the database, and actions associated with rules. It would be great if the gem cooperated with Bootstrap.

P.S. For authentication I use Devise.

Recommended answer

CanCanCan

CanCan was a popular gem for authorization developed by Ryan Bates (best known for RailsCasts) and abandoned prior to the release of Rails 4.0. Due to its popularity, the community-based CanCanCan project maintains an updated version of CanCan. CanCan provides a DSL (domain-specific language) that isolates all authorization logic in a single Ability class.

Pundit

The Pundit gem is gaining in popularity for Rails authorization. Pundit is an authorization system that uses simple Ruby objects for access rules. Pundit uses a folder named app/policies/ containing plain Ruby objects that implement access rules.

CanCanCan or Pundit or ?

As an application grows in complexity, the CanCan Ability class can grow unwieldy. Also, every authorization request requires evaluation of the full CanCan Ability class, adding performance overhead. Pundit also offers the advantage of segregating access rules into a central location, keeping controllers skinny. Pundit policy objects are lightweight, adding authorization logic without as much overhead as CanCan.

Simple Role-Based Authorization

With Rails 4.1, you can implement role-based authorization using Active Record Enum. You can use CanCanCan or Pundit to keep controllers skinny if your access rules are complex but for simple requirements, you may not need CanCanCan or Pundit.

I've written an article on Rails Authorization that goes into more detail, comparing CanCanCan and Pundit and simple role-based authorization.
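
As an added illustration (not code from the answer or from either gem), here is the policy-object idea the answer describes, written in plain Ruby so it runs without Rails or Pundit. The role is kept as an integer the way an Active Record enum would store it; `User`, `Post`, `PostPolicy`, `NotAuthorized` and `authorize!` are hypothetical names.

```ruby
# Added example in plain Ruby; no Rails or Pundit gem is loaded.
# User, Post, PostPolicy, NotAuthorized and authorize! are hypothetical names.
ROLES = %i[user editor admin].freeze # same order an `enum role: [...]` would store

User = Struct.new(:id, :role_index) do
  def role
    # Array#[] and #fetch accept negative indexes, so -1 would map to :admin.
    valid = role_index.is_a?(Integer) && role_index.between?(0, ROLES.size - 1)
    raise ArgumentError, "unknown role #{role_index.inspect}" unless valid
    ROLES[role_index]
  end
  ROLES.each { |r| define_method("#{r}?") { role == r } }
end

Post = Struct.new(:id, :author_id, :published)
class NotAuthorized < StandardError; end

# One policy object per model, one predicate per controller action.
class PostPolicy
  def initialize(user, post)
    @user = user
    @post = post
  end

  def show?
    @post.published || staff_or_author?
  end

  def update?
    staff_or_author?
  end

  def destroy?
    !@user.nil? && @user.admin?
  end

  private

  def staff_or_author?
    return false if @user.nil? # anonymous visitors get nothing beyond show?
    @user.admin? || @user.editor? || @post.author_id == @user.id
  end
end

# Deny by default: only predicates written in PostPolicy itself count as rules.
def authorize!(user, post, action)
  rule = :"#{action}?"
  known = PostPolicy.public_instance_methods(false).include?(rule)
  raise NotAuthorized, "#{action} denied" unless known && PostPolicy.new(user, post).public_send(rule)
  post
end
```

An action with no matching predicate is refused rather than allowed, and a stored role value outside the known list raises instead of resolving to a role.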
