Skip to content

Roles

Jump to bottom Edit New page
kristianmandrup edited this page Nov 9, 2011 · 1 revision

CanTango makes it very easy to integrate any Role system. The only requirement is that each Ability candidate (fx user or account) you use, has a method that returns a list of the roles of the role candidate, as symbols.

The default configuration expects a method #roles_list.

A valid implementation of the #roles_listmethod is exposed by these Role systems

Roles API requirement

  • #roles_list - return array of names of roles the candidate has

If you want to integrate Role groups as well, here are the Role group requirements:

  • #role_groups_list - return array of names of role groups the candidate has

The role and role group list methods can be configured via CanTango.config.roles.

Examples:

CanTango.config do |config|
  config.roles.list_method = :roles
  config.role_groups.list_method = :role_groups
end

Note: Optionally you can also configure a #has_method for roles and role_groups. This is by default set to #has_role? and #in_role_group? respectively.

Role and Role groups filters

You can specify a subset of roles and/or role groups to be included for evaluation (permits and permission engine) with the methods #exclude and #only.

CanTango.config do |config|
  config.roles.exclude :admin, :editor
  config.role_groups.only :publishers
end

This is can be very useful during development when you have multiple roles and role groups and you want to do isolated access control tests on a specific subset of roles or role groups.

Add a custom footer
Add a custom sidebar
Clone this wiki locally