1 Creating a Permission
Open the permissions.yml fixture file from your bootstrap and add a new named fixture with these values:
permission_key:
  name: "The displayed name of that permission"
  key: permission_key
Replace permission_key with your permission key and the name with the name of the new permission.
The name field is what is shown to the user.
The key field is used in the code to refer to that permission.
2 Creating a Role
To create or otherwise manage roles, go to the roles section in Ubiquo. Management works like a simple scaffold. To create a role, click the ‘create’ link, enter its name and the permissions it will grant, and submit.
3 Assign a Role to a User
To assign a role to a Ubiquo user, edit the user. Scroll down to the end of the form, where the list of all roles appears. The checked roles will be added to the user.
4 Controlling access to an action
When you need to control who can reach the actions of a controller, add an access_control call to that controller.
The controller should look something like this:
class ExampleController < UbiquoController
  # .......
  access_control :DEFAULT => 'permission_key' # the possible rules are described below
  # .......
end
The argument to access_control is a hash. Each key is either the name of a single action, :DEFAULT to apply the rule to all actions, or an array of action names.
# Parentheses are needed here: a bare { after the method name is parsed as a block.
# Each ... stands for one of the values described in the next three sections.
access_control({
  :DEFAULT => ...,        # control all actions
  :index => ...,          # control the index action
  [:new, :create] => ...  # control the new and create actions
})
The values of the hash are explained in the next three sections.
4.1 One permission
Requires the user to have a given permission to reach the desired actions. Put the permission key as the value:
access_control :DEFAULT => 'permission_key'
access_control :DEFAULT => :permission_key
4.2 Many permissions
Requires the user to have at least one permission from a list of permissions. Put an array of permission keys as the value:
access_control :DEFAULT => ['permission_key_1', 'permission_key_2']
access_control :DEFAULT => [:permission_key_1, :permission_key_2]
access_control :DEFAULT => %w{permission_key_1 permission_key_2}
4.3 Only admins
Grants access only to admins. Use nil as the value:
access_control :DEFAULT => nil
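The rule semantics from sections 4.1 to 4.3, modelled as a stand-alone Ruby script. This is an added example, not Ubiquo's implementation: `User`, `requirement_for`, `allowed?`, `can_access?`, `uncovered_actions` and the `news_*` keys are hypothetical. It assumes that a rule naming an action takes precedence over :DEFAULT, that admins pass every check, and that an action with no matching rule is left unrestricted.

```ruby
# Stand-alone model of the access_control rule semantics (not Ubiquo code).
User = Struct.new(:admin, :permissions) # permissions: array of key strings

# Find the requirement that applies to an action.
# Assumption: a rule naming the action takes precedence over :DEFAULT.
def requirement_for(rules, action)
  rules.each do |actions, required|
    next if actions == :DEFAULT
    return required if Array(actions).include?(action)
  end
  rules.key?(:DEFAULT) ? rules[:DEFAULT] : :no_rule
end

# nil => admins only; one key => must hold it; array => must hold at least one.
# Assumptions: admins pass every check; :no_rule leaves the action unrestricted.
def allowed?(user, required)
  return true if required == :no_rule || user.admin
  return false if required.nil?
  Array(required).map(&:to_s).any? { |key| user.permissions.include?(key) }
end

def can_access?(rules, user, action)
  allowed?(user, requirement_for(rules, action))
end

# Audit helper: actions that no rule covers.
def uncovered_actions(rules, actions)
  actions.select { |action| requirement_for(rules, action) == :no_rule }
end

# Constructed sample data; the news_* keys are made up for this example.
RULES = {
  :DEFAULT        => nil,
  :index          => :news_read,
  [:new, :create] => %w[news_write news_publish]
}.freeze
READER = User.new(false, ['news_read'])
EDITOR = User.new(false, ['news_publish'])
ADMIN  = User.new(true, [])

if __FILE__ == $PROGRAM_NAME
  [[READER, :index], [READER, :create], [EDITOR, :create],
   [EDITOR, :destroy], [ADMIN, :destroy]].each do |user, action|
    puts "#{user.permissions.inspect} admin=#{user.admin} #{action}: " \
         "#{can_access?(RULES, user, action)}"
  end
  p uncovered_actions({ :index => :news_read }, [:index, :destroy])
end
```

The last line shows why a :DEFAULT rule matters in this model: without one, :destroy is matched by no rule at all.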
5 Controlling simple execution
These methods let you prevent some users from executing a piece of code. They are mostly used to show or hide parts of a view depending on the user's permissions, or to show parts only to admins. Hiding part of a view does not restrict the action behind it; protect that action with access_control as well.
They take exactly the same values as the access_control hash (see section 4).
5.1 If condition
Use the permit? method:
if permit?('permission_key')
  do_something
end
do_something if permit?('permission_key')
do_something if permit?(nil)
do_something if permit?(['permission_key_1', 'permission_key_2'])
or in erb files:
<p>
  <% if permit?('permission_key') %>
    You have permission_key granted!
  <% end %>
</p>
5.2 Block condition
This is the same as the if condition, but it yields (or does not yield) a block. Use the restrict_to method:
restrict_to('permission_key') do
  do_something
end
or in erb files:
<p>
  <% restrict_to('permission_key') do %>
    You have permission_key granted!
  <% end %>
</p>