I implemented the RBAC from the recipes book and it seems to work fine. I added synchronize_with_controllers to my rights model, taken from the user_engine (which is a great resource to get ideas from); it automatically finds all controllers and actions and adds them to the rights table.
Then all you have to do is associate the relevant right with the relevant role.
I have an example view to do that which I'll try to write up and post somewhere.
It is also helpful to have an override to get things set up initially. What I do is allow any user logged in with the name admin to get rights to everything. Basically, add something like this to the authorized? method…

    # admin can do everything
    if user.login_name == 'admin'
      return true
    end

This is the Rights model…

    class Right < ActiveRecord::Base
      has_and_belongs_to_many :roles
      validates_presence_of :controller, :action, :name
      validates_uniqueness_of :name

      # Ensure that the table has one entry for each controller/action pair
      def self.synchronize_with_controllers
        # weird hack. otherwise ActiveRecord has no idea about the superclass
        # of any ActionController stuff…
        require RAILS_ROOT + "/app/controllers/application"

        # Load all the controller files
        controller_files = Dir[RAILS_ROOT + "/app/controllers/**/*_controller.rb"]

        # we need to load all the controllers...
        controller_files.each do |file_name|
          require file_name #if /_controller.rb$/ =~ file_name
        end

        # Find the actions in each of the controllers, and add them to the database
        subclasses_of(ApplicationController).each do |controller|
          controller.public_instance_methods(false).each do |action|
            # Skip methods whose names match this pattern; they get no rights entry
            next if action =~ /return_to_main|component_update|component/
            if find_all_by_controller_and_action(controller.controller_path, action).empty?
              self.new(:name => "#{controller}.#{action}",
                       :controller => controller.controller_path,
                       :action => action).save!
              logger.info "added: #{controller} - #{controller.controller_path}, #{action}"
            end
          end
        end
      end
    end
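
An added example, not part of the original post or of the recipes book: a plain-Ruby model (no Rails) of the authorized? check described above, with deny-by-default lookup of a controller/action right through the user's roles and the setup override for the login name admin. The Struct definitions, the method signatures, the `bootstrap` flag that gates the override, the `unassigned_rights` helper and the sample data are all assumptions made for illustration.

```ruby
# Added example: plain-Ruby model of the check; no Rails needed.
# Right/Role/User mirror the post's tables; everything else is hypothetical.
Right = Struct.new(:name, :controller, :action)
Role  = Struct.new(:name, :rights)
User  = Struct.new(:login_name, :roles)

# Deny by default: a request is allowed only if one of the user's roles
# holds a right for exactly this controller/action pair.
# bootstrap: true enables the post's setup override for the login 'admin';
# the flag (an assumption) lets it be switched off once roles are assigned.
def authorized?(user, controller, action, bootstrap: false)
  return false if user.nil?
  return true if bootstrap && user.login_name == 'admin'

  user.roles.any? do |role|
    role.rights.any? do |right|
      right.controller == controller && right.action == action.to_s
    end
  end
end

# Rights present in the table that no role holds yet, i.e. entries that a
# synchronize run added and that still need to be reviewed and assigned.
def unassigned_rights(all_rights, roles)
  held = roles.flat_map(&:rights)
  all_rights.reject { |right| held.include?(right) }
end

# Constructed sample data.
LIST   = Right.new('PostsController.list',    'posts', 'list')
DELETE = Right.new('PostsController.destroy', 'posts', 'destroy')
READER = Role.new('reader', [LIST])
ALICE  = User.new('alice', [READER])
ADMIN  = User.new('admin', [])

if __FILE__ == $PROGRAM_NAME
  puts authorized?(ALICE, 'posts', 'list')
  puts authorized?(ALICE, 'posts', 'destroy')
  puts authorized?(ADMIN, 'posts', 'destroy')
  puts authorized?(ADMIN, 'posts', 'destroy', bootstrap: true)
  puts unassigned_rights([LIST, DELETE], [READER]).map(&:name).inspect
end
```

With the flag off, the admin login is treated like any other user and gets only what its roles grant.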