ruby on rails - CanCan and ability block -

-

i have piece of code defines cancan's user permissions, don't understand conditions inside block ?

    class ability           include cancan::ability            def initialize(user)              user.permissions.each |permission|               can permission.action.to_sym,               permission.thing_type.constantize |thing|                thing.nil? || permission.thing_id.nil? || permission.thing_id == thing.id               end             end   end end

so, lines of code bugging me:

permission.thing_type.constantize |thing|        thing.nil? || permission.thing_id.nil? || permission.thing_id == thing.id end

i understand block used define complex conditions , guess permission.thing_id == thing.id there permission granted selected objects don't see purpoose of thing.nil? || permission.thing_id.nil?.what's for?

so, according cancan docs, when pass block can (which what's going on here), permission given if block returns true. object passed in block object user might have permission to.

what does, then, give user permission perform permission.action on class permission.thing_type if:

  1. thing nil. might happen in case of things create permission, doesn't take specific object (it takes class instead).
  2. permission.thing_id nil. dealing case permission object doesn't point @ specific thing. feels opposite side of item 1. might apply in case of 'blanket' permissions - permission says particular user can perform action on any object of class. or
  3. the thing has id specified in permission object.

moral: comment code. if it's obvious right does, might not next person. might you, in few months.


Comments

Post a Comment

Popular posts from this blog

c# - How Configure Devart dotConnect for SQLite Code First? -

-
can configure following sample code ? when run following code, error : no entity framework provider found ado.net provider invariant name 'devart.data.sqlite' setting in machine.config <system.data> <dbproviderfactories> <add name="dotconnect sqlite" invariant="devart.data.sqlite" description="devart dotconnect sqlite" type="devart.data.sqlite.sqliteproviderfactory, devart.data.sqlite, version=4.6.287.0, culture=neutral, publickeytoken=09af7300eec23701" /> </dbproviderfactories> </system.data> after add below block code in app.config <?xml version="1.0"?> <configuration>   <configsections> <!-- more information on entity framework configuration, visit http://go.microsoft.com/fwlink/?linkid=237468 --> <section name="entityframework" type="system.data.entity.internal.configfile.entityframeworksection, entit...
Read more

erlang - Saving a digraph to mnesia is hindered because of its side-effects -

-
updated the digraph library in erlang implements data type side-effectful. each operation on data type saves new state in ets table -- instead of returning altered version of itself, more common in functional languages. the problem usage perspective, impedes effort store or pass around state in convenient way requiring me first "collect" state before can start juggle around. the closest solution have seen far serializer/deserializer , these have drawback tied current structure of digraphs instead of operating on abstract type -- prevents future proof solution. update pascal pointed out serializer utilizes interface of digraph, , hence eliminates drawback mentioned above. better, albeit still inconvenient, see no better alternative. what recommendation on how store digraphs? should go different data type altogether? thanks. i not sure understand concern. fact digraph stored in ets transparent in user interface, might want chnge either exchange digr...
Read more

java - Copying object fields -

-
what best way of copying classes when need have 2 independent variables? have simple class: public class myclass { boolean = false; string b= "not empty"; } do need make method : assign(myclass data ) { a= data.a; b= data.b; } is there automatic method copy (duplicate) objects in java? do need make method : pretty close. instead of making method, should make constructor. such constructors called copy constructor , , create them this: myclass(myclass data) { = data.a; b = data.b; } and create copy of instance, use constructor this: myclass obj1 = new myclass(); myclass obj2 = new myclass(obj1); copy constructor can tedious : using copy constructor create deep-copy can tedious, when class has mutable fields. in case, assignment create copy of reference, , not object itself. have create copy of fields (if want deep copy). can go recursive. a better way create deep copy serialize , deserialize object. why not use clone()? ...
Read more