
Rails Authorization

Slides for Ginza.rb #31, "How do you handle user authorization?"
https://ginzarb.doorkeeper.jp/events/36898

kyuden/banken
https://github.com/kyuden/banken


Kyuden Masahiro

January 19, 2016

Transcript

  1. RAILS AUTHORIZATION KYUDEN MASAHIRO kyuden_ kyuden

  2. A Japanese-language tutorial is available on the wiki.

  3. A Japanese-language tutorial is available on the wiki.


  4. None
  5. None
  6. Talking theme: authorization

  7. Authorization code gets messy easily.

  8. I won't talk about DB design for authorization.

  9. Why: because the DB design for authorization varies widely with the requirements.

  10. Main topic: controlling Controllers and Views based on permissions.

  11. Controllers and Views get cluttered with if statements.

  12. ‣ Similar authorization conditions end up scattered across a wide area: Controllers, Views and so on.
 ‣ Even if you push the permission checks into the Model, the Model gets fat as the number of permissions grows.

  13. (kaomoji)

  14. Use gem

  15. Choose CanCan/CanCanCan gem ?

  16. None
  17. Architecture with CanCan/CanCanCan Controller A Controller B Controller C Ability

    ‣ The authorization conditions that used to be defined per Controller are separated out
 and concentrated in a single Ability class.
  18. Design concept of CanCan/CanCanCan ‣ Per permission, define the authorization conditions
 for each resource and action.

  19. How to use CanCan/CanCanCan

    class HogesController < ApplicationController
      def index
        authorize! :index, Hoge  # raises CanCan::AccessDenied unless the current ability permits it
      end
    end
  20. Problem of CanCan/CanCanCan
    ‣ In an app with complex authorization, the Ability class bloats until it becomes unmanageable.
    ‣ The Ability class, which defines every authorization condition, is evaluated on every request, so responses get somewhat slower (not fatal, but a lot of waste).
    ‣ The custom DSL that CanCanCan provides for defining authorization conditions is complex and painful; I don't want to learn it.

  21. (kaomoji)

  22. (kaomoji)

  23. Choose Pundit gem ?

  24. None
  25. Design concept of Pundit ‣ Per resource, define the authorization conditions for each action.

  26. Architecture with Pundit ‣ Create a Policy class per Model and define the authorization conditions for each action in it. Model A / A Policy / Controller A: update destroy / update? destroy?
  27. How to use Pundit

  28. Impression of Pundit (1) ‣ Pundit's internals don't monkey-patch or otherwise extend Rails, so it is not much affected by Rails version upgrades.

  29. Impression of Pundit (2) ‣ You can define authorization conditions without a custom DSL like CanCanCan's; all you need in order to use Pundit is its minimal usage and Ruby skill.
    ‣ A Policy class is just a plain Ruby class, so you can modularize it, use inheritance, and implement it flexibly according to the requirements.
  30. Impression of Pundit (3) ‣ Authorization is inherently a resource-based requirement ("an Admin may update Article resources"), so treating it as a model-side responsibility and defining the authorization conditions per resource is a very natural approach.

  31. (kaomoji)

  32. Problem of Pundit (1) ‣ The Policy class created per Model implements methods tied to the Controller's actions (action + ?), so using Pundit implicitly imposes a 1:1:1 constraint between Model, Policy and Controller. Model A / A Policy / Controller A: update destroy / update? destroy?
  33. Problem of Pundit (2) ‣ Basically the Article model is handled by ArticlesController, so an ArticlePolicy is enough.
    ‣ However, as the app grows more complex there may be several Controllers handling one Model, i.e. one Model may need several Policies, and then the Pundit user has to work around it somehow (trick Pundit with black magic, apply a monkey patch, restructure the Policy class, and so on).
  34. Problem of Pundit (3) UserPolicy show? / UsersController show / Admin::UsersController show / User
    ‣ When UsersController#show and Admin::UsersController#show have different authorization conditions, you want both a UserPolicy and an Admin::UserPolicy, but only one Policy can be bound to a given Model.
  35. (kaomoji)

  36. (kaomoji)

  37. (kaomoji)

  38. Make a hypothesis for authorization ‣ If authorization is a model-side responsibility, shouldn't the thing being authorized be ActiveRecord's mutating methods (create, update, etc.) rather than the Controller's actions?
    ‣ But then create, update and delete could be authorized while reads could not.
    ‣ So authorization is a controller-side responsibility after all?
  39. https://github.com/kyuden/banken

  40. Choose banken gem

  41. Design concept of Banken ‣ Per Controller, define the authorization conditions for each action.

  42. Architecture with Banken ‣ Create a Loyalty class per Controller and define the authorization conditions for each action in it. A Loyalty / Controller A: update destroy / update? destroy?
  43. How to use Banken

  44. Description of Banken (1) ‣ A gem that keeps a Pundit-like API while moving Pundit's model-side responsibility to the controller side.


  45. Description of Banken (2) Admin::UsersLoyalty show? / UsersController show / Admin::UsersController show / UsersLoyalty show?
    ‣ A Loyalty class is created per Controller and does not depend on the Model, so the Pundit weakness described above is avoided.
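Added example, not code from the talk or the banken gem: a Rails-free sketch of the two lookup rules compared on slides 34 and 45. The Pundit-style finder keys the policy on the record's class, so UsersController and Admin::UsersController share one UserPolicy#show?; the Banken-style finder keys the loyalty on the controller's class, so each gets its own show?. The User struct, the class names and the rules are constructed for illustration.

```ruby
# Added example, not code from the talk or the banken gem. Class names,
# the User struct and the rules below are constructed for illustration.
User = Struct.new(:name, :admin)   # stand-in for an ActiveRecord model

# Pundit-style: the policy is looked up from the RECORD's class, so every
# controller that shows a User lands in the same UserPolicy#show?.
class UserPolicy
  def initialize(current_user, record)
    @current_user, @record = current_user, record
  end
  # Only one show? rule can exist for User, whichever controller calls it.
  def show?
    @current_user.admin || @current_user == @record
  end
end

def pundit_show?(current_user, record)
  policy = Object.const_get("#{record.class.name}Policy")
  policy.new(current_user, record).show?
end

# Banken-style: the loyalty is looked up from the CONTROLLER's class, so
# UsersController and Admin::UsersController get independent show? rules.
class UsersLoyalty
  def initialize(current_user, record)
    @current_user, @record = current_user, record
  end
  # Public profile page: any signed-in user may view it.
  def show?
    !@current_user.nil?
  end
end

module Admin
  class UsersLoyalty
    def initialize(current_user, record)
      @current_user, @record = current_user, record
    end
    # Admin area: only admins may view it.
    def show?
      @current_user.admin
    end
  end
end

def banken_show?(controller_name, current_user, record)
  # "UsersController" -> UsersLoyalty, "Admin::UsersController" -> Admin::UsersLoyalty
  loyalty = Object.const_get(controller_name.sub(/Controller\z/, "Loyalty"))
  loyalty.new(current_user, record).show?
end
```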
  46. Description of Banken (3) ‣ Like Pundit, the internals don't monkey-patch or otherwise extend Rails, so it is not much affected by Rails version upgrades and keeps wagging its tail and working as before.
    ‣ A Loyalty class is just a plain Ruby class, so you can modularize it, use inheritance, and implement it flexibly according to the requirements.
  47. Problem of Banken ‣ Because Banken moved the responsibility from the Model to the Controller side, it has no equivalent of what Pundit calls the Scope feature.
    ‣ The Scope feature switches which named scope is used depending on the permission.
    ‣ But when you need to switch named scopes you can simply implement that in the Model, so the Scope feature is not strictly necessary.
  48. Difference between Banken and Pundit
    Banken ‣ Controller-side authorization ‣ Scope feature not available ‣ Even when the Model/Controller relationships get complex, you can keep using Banken the way it is meant to be used
    Pundit ‣ Model-side authorization ‣ Scope feature available ‣ When the Model/Controller relationships get complex, the developer has to solve the problem themselves and may end up departing from the way Pundit is meant to be used
  49. One more thing Banken lacks...

  50. It was only just created, so it has few users (GitHub stars and use in real projects would be very welcome).

  51. Tutorials (English & Japanese) are also on the wiki.

  52. How about keeping one Banken per app?

  53. Summary ‣ What authorization is ‣ Comparison of authorization gems ‣ CanCanCan ‣ Pundit ‣ Banken
    ‣ Evaluating a gem not only on the beauty of its code but from a more design-oriented viewpoint (Architecture, Design concept) leads to new discoveries.
  54. END