ruby on rails - dynamic cancan from database with complex conditions -

-

i'm trying define user created roles select permissions list of permissions. want permission this:

def initialize(user)   user.projects_users.each |project_user|     project_user.role.privileges |privilege|       can :create, projectsuser, :project_id => project_user.project_id     end   end end

but i'm trying save privileges in database in such way can outcome above

def initialize(user)   user.projects_users.each |project_user|     project_user.role.privileges |privilege|       can privilege.action.to_sym, privilege.subject_class.constantize, privilege.conditions     end   end end

the problem lies in 'privilege.conditions' part. cannot store condition must executed in ability.rb file. if try store:

{ :project_id => project_user.project_id }

it there no variable named 'project_user'. save string , in ability file eval(privilege.condition), need on values. tried this:

def initialize(user)   user.projects_users.each |project_user|     project_user.role.privileges |privilege|       can privilege.action.to_sym, privilege.subject_class.constantize, privilege.conditions.each |subject, id|         subject => eval(id)       end     end   end end

the error i'm getting 'syntax error, unexpected =>, expecting keyword_end' 'subject =>' piece.

not sure how exactly...

i'm using line of commands test it:

@user_id = 4 @role = role.create(name: "tester", project_id: 4) @priv = privilege.create(:action => :create, :subject_class => 'projectsuser', :conditions => { :project_id => 'project_user.project_id' }) @role.privileges << @priv @project_user = projectsuser.create(:user_id => @user_id, :role_id => @role.id, :project_id => @role.project_id) @a = ability.new(user.find(@user_id)) @a.can?(:create, projectsuser.new(:user_id => @user_id + 1, :role_id => @role.id, :project_id => @role.project_id))

any advice?

ok found easy work around. block on conditions not being evaluated correctly. here's working code:

user.projects_users.each |project_user|   project_user.role.privileges.each |privilege|     can privilege.action.to_sym, privilege.subject_class.constantize, hash[privilege.conditions.map {|subject, condition| [subject, eval(condition)] }]   end end

notice hash[privilege.conditions.map {|subject, condition| [subject, eval(condition)] }]

what doing taking symbol key in conditions such :subject_id , mapping evaluated condition, evaluated particular id.

in model have

class privilege < activerecord::base     has_and_belongs_to_many :roles    serialize :conditions, hash end

and example model is:

privilege.create(   :action => :create,    :subject_class => 'projectsuser',    :conditions => { :project_id => 'project_user.project_id' } )

update

this method works conditions 1 level deep. condition not work. a: typeerror: no implicit conversion of hash string

:conditions => {    :project => {      :location_id => 'project_user.project.location_id'   } }

this not best solution, work around is

:conditions => {    :project => "{      :location_id => eval(\"project_user.project.location_id'\")   }" }

Comments

Post a Comment

Popular posts from this blog

PHP DOM loadHTML() method unusual warning -

-
i had following code works fine on localhost: $document = new domdocument(); $document->loadhtml($p_result); $form = $document->getelementsbytagname('form')->item(0); // code continues using $form variable after same code updated on outside server, loadhtml() failed , issued warning. warning: domdocument::loadhtml() expects parameter 1 valid path, string given in path/name/to/script.php returned null instead of object code pretty gets fatal error. note contents of $p_result absolutely same on outside server , on localhost. but why displays kind of warning , why not work? doesn't loadhtml() expects argument 1 string in first place? why method expects parameter 1 valid path ? just make clear i'm not calling loadhtmlfile() , i'm calling loadhtml() . thanks. you're affected one of php bugs . issue present in php 5.6.8 , 5.6.9. have affected php version on server, , bug-free version on localhost. the bug forbids null
Read more

python - How to create jsonb index using GIN on SQLAlchemy? -

-
here's current code creating index jsonb. index("mytable_data_idx_id_key", mytable.data['id'].astext, postgresql_using='gin') but got error. sqlalchemy.exc.programmingerror: (psycopg2.programmingerror) data type text has no default operator class access method "gin" hint: must specify operator class index or define default operator class data type. [sql: "create index event_data_idx_id_key on event using gin ((data ->> 'id'))"] is there way create index on sqlalchemy? the postgresql specific sqlalchemy docs @ http://docs.sqlalchemy.org/en/latest/dialects/postgresql.html#operator-classes mention postgresql_ops dictionary provide "operator class" used postgresql, , provide example illustrating use: index('my_index', my_table.c.id, my_table.c.data, postgresql_ops={ 'data': 'text_pattern_ops',
Read more

c# - TransactionScope not rolling back although no complete() is called -

-
i'm using transactionscope rollback transaction fail bool errorreported = false; action<importerrorlog> newerrorcallback = e => { errorreported = true; errorcallback(e); }; using (var transaction = new transactionscope()) { foreach (importtaskdefinition task in taskdefinition) { loader.load(streamfile, newerrorcallback, task.destinationtable, processingtaskid); } if (!errorreported) transaction.complete(); } i'm sure there no transactionscope started ahead or after code. i'm using entity framework insert in db. regardless state of errorreported transaction never rolled in case of error. what missing ? transactionscope sets transaction.current . that's does. wants transacted must @ property. i believe ef each time connection opened reason. probably, connection open when scope installed. open connection inside of scope or enlist manually. ef has nasty "design decision": default opens
Read more