Sha256: f78de8916845ea7453d310f95adc80d8b092b7845e827c61b295d82e3fe2e167
Contents?: true
Size: 1.92 KB
Versions: 11
Compression:
Stored size: 1.92 KB
Contents
.span6
%table.table
%tr
%th Name
%td= @ability.name
%tr
%th Description
%td= @ability.description
%h2 Allowed actions
%table.table
- @ability.permissions.each do |perm|
%tr
%td= perm.allowed_action
= link_to 'Edit', edit_ability_path(@ability), :class => 'btn btn-mini' if is_allowed_to?(@ability, :edit)
.span4
#abilities_explanation.help_text.well
%p
Allowed actions are specified as follows:
%ul
%li
%pre
posts[index, show]
%ul
%li
Only the things that are explicitly specified are allowed.
This declares that on the
%tt
PostsController
only
%tt
index
and
%tt
show
are allowed.
%li
%pre
*[index, show, report]
%ul
%li
We also allow wild-cards. Instead of a controller-name, we could write
%tt
*
which would mean the specified actions would apply to all controllers.
%li
%pre
posts[all]
%ul
%li
If we write
%tt
all
instead of a specific action or list of actions, then all actions are allowed for a given controller.
In this case a user has the ability to access all actions inside the posts_controller.
%li
%pre
*[all]
%ul
%li
By extension, this means a user has the ability to access all actions from all controllers.
%p
When abilities are assigned (authorisation), it is possible to specify the extent of the ability.
What this means depends on your website, but in case of e.g. a blog-host (like blogger), this means that a
%tt
author
's permissions could only be valid on those blogs he owns or has access to.
Version data entries
11 entries across 11 versions & 1 rubygems