Rails的:授权与Authlogic [英] Rails: Authorization with Authlogic
问题描述
我需要一个非常精细的授权系统与 Authlogic 。
I need a very granular authorization system that works seamlessly with Authlogic.
我到目前为止已经试过这些宝石/插件:
I've tried these gems/plugins so far:
- Lockdown
- rails
_authorization_plugin - ACL9
我也看了,但没试过执行:
I've also looked at, but not tried implementing:
- Padlock
我四处寻找一个好的教程,详细说明了如何设置任何这些与Authlogic在某种程度上是有道理的(只有锁定文档似乎概括了如何与Authlogic设置此),但都拿出了微乎其微。 ,使得最遥远的意义,我对这些的只有一个是锁定的文件,但我不认为这包将工作对我来说(从我的理解它)。
I've searched around for a good tutorial detailing how to set up any of these with Authlogic in a way that makes sense (only the Lockdown doc seems to outline how to set this up with Authlogic), but have come up with next to nothing. The only one of these that made the remotest sense to me was the documentation for Lockdown, but I don't think that package will work for me (from what I understand of it).
我真正爱的是一个很好的教程的专门的有关设置这些解决方案的授权与Authlogic,或者一个简单的示例应用程序,我可以看到一个人如何在code走到一起和作品。任何人都可以点我的很好的一步一步的(为什么)资源,或者提供一个简单的应用建立在Authlogic上面这些授权解决方案之一?
What I'd really love is a good tutorial specifically about setting one of these authorization solutions up with Authlogic, or else a simple example application where I can see how the code comes together and works. Can anyone point me to any good step-by-step (and why) resources, or else provide a simple application with one of these authorization solutions set up on top of Authlogic?
推荐答案
我觉得你有你的第一句话一个错字。你一定意味着授权,与Authlogic无缝协同工作。 AuthLogic已经是一个身份认证解决方案。
I think you have a typo in your first sentence. You must mean "authorization that works seamlessly with Authlogic." AuthLogic already is an authentication solution.
我想你可能会努力找到一个教程,特定于AuthLogic,因为没有任何理由的授权和认证需要紧密耦合在一起。
I think you might be struggling to find a tutorial that's specific to AuthLogic because there's no reason authorization and authentication need to be tightly coupled to one another.
验证回答了这个问题:谁是访问该网页的人
授权回答这个问题:没有访问此页面的人有什么权限
Authentication answers the question: "Who is the person accessing this page?" Authorization answers the question: "What permissions does the person accessing this page have?
所以,你的授权,Authlogic唯一需要的就是从你的控制器CURRENT_USER()方法。例如,采取Acl9( http://github.com/be9/acl9/tree/master 教程)。我相信所有你需要自定义是:subject_method部分(Acl9调用您的活动用户的'主题',所以:subject_method需要被设置为返回当前用户,这是该方法的名称:CURRENT_USER如果您遵循的基本AuthLogic文档)。
So the only thing your authorization needs from Authlogic is the current_user() method from your controller. For example, take the tutorial for Acl9 (http://github.com/be9/acl9/tree/master). I believe all you'll need to customize is the :subject_method part (Acl9 calls your active user the 'subject', so :subject_method needs to be set to the name of the method that returns the current user, which is :current_user if you followed the basic AuthLogic docs).
这篇关于Rails的:授权与Authlogic的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
