我只是想比较在 Rails 中实现 ACL 时使用的不同解决方案。
最佳答案
我使用授权插件(由 Bill Katz 创建):
Roles can be authorized for the entire application, a model class, or a specific object. The plugin provides a way of checking authorization at the class or instance method level using permit and permit? methods. It also provides english-like dynamic methods like "user.is_manager_of project" (where "user" acts as authorized, "manager" is a role, and "project" is an authorizable model). You can specify how control is redirected if authorization is denied. (quote source)
首页: http://www.writertopia.com/developers/authorization
文档: http://github.com/DocSavage/rails-authorization-plugin/tree/master/authorization/README.rdoc
您可能也有兴趣阅读此比较(来自去年,但仍然有些用处;这是我从中获得上述引述的地方): http://www.vaporbase.com/postings/Authorization_in_Rails
最近的比较: http://steffenbartsch.com/blog/2008/08/rails-authorization-plugins/
关于ruby-on-rails - 为 Rails 应用程序实现 ACL 的最佳方式是什么?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/118247/