Rails Authorization

Presentation slides for Ginza.rb #31, "How do you manage user permissions?"
https://ginzarb.doorkeeper.jp/events/36898

kyuden/banken
https://github.com/kyuden/banken

Kyuden Masahiro

January 19, 2016

Transcript

  1. 4.
  2. 5.
  3. 14.
  4. 16.
  5. 17.

    Architecture with CanCan/CanCanCan
    (Diagram: Controller A, Controller B, Controller C, Ability)
    ‣ The authorization conditions that used to be defined in each Controller are separated out and concentrated in a single Ability class
  6. 24.
  7. 32.

    Problem of Pundit (1)
    ‣ A Policy class is created per Model, and it implements methods tied to Controller actions (action + ?), so using Pundit implicitly creates the constraint that Model, Policy and Controller are 1:1:1
    (Diagram: Model A, A Policy, Controller A; update, destroy; update?, destroy?)
  8. 33.

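    Problem of Pundit (2)
    ‣ Basically, the Article model is handled by ArticlesController, so an ArticlePolicy is sufficient
    ‣ However, as the app grows more complex, there are cases where several Controllers handle a given model, that is, cases where multiple Policies are needed for one model, and the Pundit user then has to devise some workaround (tricking Pundit with black magic, applying a monkey patch, reworking the Policy class, and so on)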
  9. 34.

    Problem of Pundit (3)
    (Diagram: User, UserPolicy show?, UsersController show, Admin::UsersController show)
    ‣ When the authorization conditions for show differ between UsersController and Admin::UsersController, you want both a UserPolicy and an Admin::UserPolicy, but only one Policy can be tied to one Model
  10. 38.

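    Make a hypothesis for authorization
    ‣ If permission management is a model-side responsibility, shouldn't the thing being authorized be ActiveRecord's manipulation methods (create, update, etc.) rather than Controller actions?
    ‣ But then create, update and delete can be authorized, while reads do not look authorizable
    ‣ So isn't permission management a controller-side responsibility after all?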
  11. 45.

    Description of Banken (2)
    (Diagram: UsersController show, UsersLoyalty show?; Admin::UsersController show, Admin::UsersLoyalty show?)
    ‣ A Loyalty class is created per Controller and does not depend on the Model, so the Pundit weaknesses described earlier are also avoided
  12. 47.

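    Problem of Banken
    ‣ Because Banken moved the responsibility from the Model toward the Controller, it has no equivalent of what Pundit calls the Scope feature
    ‣ The Scope feature switches which named scope is used for each permission level
    ‣ However, when switching named scopes is needed it can simply be implemented in the Model, so the Scope feature is not necessarily required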
  13. 48.

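    Difference between Banken and Pundit
    Banken
    ‣ Controller-side permission management
    ‣ The Scope feature is not available
    ‣ Even when the relationship between Models and Controllers becomes complex, you can keep using Banken consistently in the way it was intended
    Pundit
    ‣ Model-side permission management
    ‣ The Scope feature is available
    ‣ When the relationship between Models and Controllers becomes complex, developers have to solve this problem themselves, and may end up departing from the way Pundit was intended to be used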
  14. 53.

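    Summary
    ‣ What permission management is
    ‣ Comparison of permission-management gems
      ‣ CanCanCan
      ‣ Pundit
      ‣ Banken
    ‣ Evaluating a gem not only on the beauty of its code but from a more design-oriented viewpoint (Architecture, Design concept) leads to new discoveries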
  15. 54.

    END
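
The lookup difference described in the "Problem of Pundit (3)" and "Description of Banken (2)" slides, as an added plain-Ruby sketch that is not from the slides or from either gem. `policy_for`, `loyalty_for`, `show_decisions`, the owner-only and admin-only rules and the sample users are assumptions made for illustration.

```ruby
# Added sketch in plain Ruby. The lookup helpers are hypothetical
# simplifications, not the real Pundit or Banken implementations.
User = Struct.new(:id, :admin)

# Model-keyed: the rule class is derived from the record's class only,
# so every controller that shows a User lands on the same UserPolicy#show?.
UserPolicy = Struct.new(:user, :record) do
  def show?
    user.id == record.id # owner-only rule
  end
end

def policy_for(user, record)
  Object.const_get("#{record.class.name}Policy").new(user, record)
end

# Controller-keyed: the rule class is derived from the controller path,
# so UsersController and Admin::UsersController get separate show? rules.
UsersLoyalty = Struct.new(:user, :record) do
  def show?
    user.id == record.id # owner-only rule
  end
end

module Admin
  UsersLoyalty = Struct.new(:user, :record) do
    def show?
      user.admin # admin-only rule
    end
  end
end

def loyalty_for(controller_path, user, record)
  const = controller_path.split("/").map(&:capitalize).join("::") + "Loyalty"
  Object.const_get(const).new(user, record)
end

# Constructed sample data.
ALICE = User.new(1, false)
BOB   = User.new(2, false)
ROOT  = User.new(3, true)

# Decision each lookup style yields for "actor views target".
def show_decisions(actor, target)
  { policy: policy_for(actor, target).show?,
    users: loyalty_for("users", actor, target).show?,
    admin_users: loyalty_for("admin/users", actor, target).show? }
end

p show_decisions(ROOT, ALICE)
```

With the single model-keyed rule, the admin screen either inherits the owner-only check or the public screen inherits a loosened one; the controller-keyed lookup keeps the two decisions separate.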