问题描述
当我的应用中的用户不是管理员用户时,我只想让他们看到他们拥有的字段.
When a user in my app isn't an admin user i want to only let them see the fields that they have ownership of.
是否有一个如此设置 can :see
或类似的东西在每个字段的基础上,以便它只显示使用可以看到"的字段,或者我应该有一个名为 can :oversee
表示他们可以看到所有内容.
Is there a so set can :see
or something like that on a per field basis so that it displays just the fields that that use "can see", or should I have an ability called can :oversee
to state that they can see everything instead.
我想在 rails admin 中检查用户是否是 admin 会容易得多,所以在哪里设置 rails admin 只提取当前用户的记录.
I suppose it's much easier to just check if the user is admin or not in rails admin, so where set rails admin to only pull the current user's records.
推荐答案
使用 cancan,您可以像这样检查对象的权限:
With cancan, you can check permissions on objects like this:
if can?(:read, order)
# do something!
end
if can?(:email, order)
# do something!
end
但这仅指对象级别的可见性.
But that's only referring to visibility at the object level.
在 RailsAdmin 中,您可以通过传入块来设置字段可见性,如此处一>.
In RailsAdmin, you can set field visibility by passing in a blocks, described here.
例如:
RailsAdmin.config do |config|
config.model Order do
list do
field :name
field :profit do
visible do
current_user.roles.include?(:admin)
end
end
end
end
end
这篇关于如何将 CanCan 与 Rails 管理员一起使用来检查所有权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!