Rails Authorization - Speaker Deck

Rails Authorization

by Kyuden Masahiro

Slide 1

Slide 1 text

RAILS AUTHORIZATION KYUDEN MASAHIRO kyuden_ kyuden

Slide 2

Slide 2 text

೔ຊޠTutorialΛWIKIʹ༻ҙ͠·ͨ͠ 

Slide 3

Slide 3 text

೔ຊޠTutorialΛWIKIʹ༻ҙ͠·ͨ͠ 

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

No content

Slide 6

Slide 6 text

ݖݶ؅ཧ Talking Theme

Slide 7

Slide 7 text

ݖݶ؅ཧ͸ίʔυ͕༰қ͘ߥΕΔ

Slide 8

Slide 8 text

ݖݶ؅ཧͷDBઃܭʹ͍ͭͯ͸ ࿩͠·ͤΜ

Slide 9

Slide 9 text

Why ݖݶ؅ཧͷDBઃܭ͸ ཁ݅ʹΑͬͯ͞·͟·͔ͩΒ

Slide 10

Slide 10 text

ຊ୊ɿݖݶʹΑΔController΍Viewͷ੍ޚ

Slide 11

Slide 11 text

ControllerͱView͕ if ͰߥΕΔ

Slide 12

Slide 12 text

‣ ࣅͨΑ͏ͳೝՄ৚͕݅Controller΍ViewͳͲ޿͍ൣғʹࢄࡏ  ‣ Modelʹݖݶ൑ఆΛدͤͯ΋ݖݶ͕૿͑ΔͱFat Modelʹ

Slide 13

Slide 13 text

ʨ›`≡ŋŐŋ≡´ʩ›ớ ᵲᴸᴸᴸᵲ

Slide 14

Slide 14 text

Use gem

Slide 15

Slide 15 text

Choose CanCan/CanCanCan gem ?

Slide 16

Slide 16 text

No content

Slide 17

Slide 17 text

Architecture with CanCan/CanCanCan Controller A Controller B Controller C Ability ‣ Controller͝ͱʹఆ͍ٛͯͨ͠ೝՄ৚݅Λ෼཭͠  1ͭͷAbilityΫϥεʹूதͤ͞Δ

Slide 18

Slide 18 text

Design concept of CanCan/CanCanCan ‣ ݖݶ͝ͱʹ  ֤ϦιʔεͱActionʹର͢ΔೝՄ৚݅Λఆٛ

Slide 19

Slide 19 text

How to use CanCan/CanCanCan class HogesController < ApplicationController def index authorize! :index, Hoge

Slide 20

Slide 20 text

Problem of CanCan/CanCanCan ‣ ݖݶ؅ཧ͕ෳࡶͳΞϓϦͰ͸AbilityΫϥε͕ංେԽ͠ खʹෛ͑ͳ͘ͳΔ  ‣ ͢΂ͯͷೝՄ৚͕݅ఆٛ͞ΕͨAbilityΫϥε͕ϦΫΤ ετຖʹධՁ͞ΕΔͨΊϨεϙϯε͕ଟগॏ͘ͳΔ  (க໋తͰ͸ͳ͍͕ແବ͕ଟ͍)  ‣ CanCanCan͕ఏڙ͢ΔೝՄ৚݅Λఆٛ͢ΔͨΊͷಠ ࣗDSL͕ෳࡶͰਏ͍֮͑ͨ͘͠ͳ͍ 

Slide 21

Slide 21 text

ʨ΁ `≡ŋŐŋ≡´ʩ΁ ᵪᴸᴸᴸᵪ

Slide 22

Slide 22 text

ʨ›`≡ŋŐŋ≡´ʩ›ớ ᵲᴸᴸᴸᵲ

Slide 23

Slide 23 text

Choose Pundit gem ?

Slide 24

Slide 24 text

No content

Slide 25

Slide 25 text

Design concept of Pundit ‣ Ϧιʔεຖʹ  Actionʹର͢ΔೝՄ৚݅Λఆٛ

Slide 26

Slide 26 text

Architecture with Pundit ‣ ModelຖʹPolicyΫϥεΛ࡞੒͠Actionʹ ର͢ΔೝՄ৚݅Λఆ͍ٛͯ͘͠ Model A   A Policy   Controller A update destroy update? destroy?

Slide 27

Slide 27 text

How to use Pundit v

Slide 28

Slide 28 text

Impression of Pundit (1) ‣ Punditͷ಺෦࣮૷͸RailsͷϞϯΩʔύον ͳͲͷ֦ுΛߦ͍ͬͯͳ͍ͷͰRailsͷόʔ δϣϯΞοϓʹΑΔӨڹΛड͚ʹ͍͘

Slide 29

Slide 29 text

Impression of Pundit (2) ‣ CanCanCanͷΑ͏ͳೝՄ৚݅Λఆٛ͢Δಠ ࣗDSLΛ࢖ΘͣೝՄ৚݅Λఆٛ͢Δࣄ͕Ͱ ͖ΔɻPunditΛ࢖͏্Ͱඞཁͳͷ͸࠷খݶ ͷ࢖͍ํͱRubyྗ  ‣ PolicyΫϥε͸୯ͳΔRubyͷΫϥεͰ͋Δ ͨΊϞδϡʔϧԽͨ͠Γܧঝͤͨ͞Γཁ݅ ʹԠͯ͡ॊೈʹ࣮૷Ͱ͖Δ

Slide 30

Slide 30 text

Impression of Pundit (3) ‣ ຊདྷɺݖݶ؅ཧͱ͸ʮAdminͳΒArticleϦ ιʔεͷߋ৽ΛೝՄ͢ΔʯͷΑ͏ʹϦιʔε ϕʔεͷཁ݅Ͱ͋ΔͨΊݖݶ؅ཧΛϞσϧد Γͷ੹຿ͱͯ͠ଊ͑ɺϦιʔε͝ͱʹೝՄ৚ ݅Λఆ͍ٛͯ͘͠Ξϓϩʔν͸ͱͯ΋ࣗવɻ

Slide 31

Slide 31 text

ʨ`≡ŋŐŋ≡´ʩὑ

Slide 32

Slide 32 text

Problem of Pundit (1) ‣ Modelຖʹ࡞੒͢ΔPolicyΫϥεʹ͸Controllerͷ Actionʹඥͮ͘ϝιου(action + ?)Λ࣮૷͢Δͨ ΊɺPunditΛ࢖͏্Ͱ͸Model, Policy, Controller ͕1ର1ର1ͱ͍͏੍໿͕҉໧తʹੜ·ΕΔ Model A   A Policy   Controller A update destroy update? destroy?

Slide 33

Slide 33 text

Problem of Pundit (2) ‣ جຊతʹ͸ArticleModelΛѻ͏ͷ͸ ArticlesControllerͳͷͰArticlePolicy͕͋Ε͹ࣄ ଍ΓΔ  ‣ ͕͔͠͠ɺΞϓϦ͕ෳࡶʹͳ͍ͬͯ͘ͱಛఆͷϞ σϧΛѻ͏Controller͕ෳ਺ଘࡏ͢Δ৔߹ɺͭ·Γ 1ͭͷϞσϧʹର͠ෳ਺ͷPolicy͕ඞཁʹͳΔ৔߹ ͕͋Γɺ͜ͷ࣌Punditར༻ऀ͸ԿΒ͔ͷ޻෉͢Δ ඞཁ͕͋Δɻ(ࠇຐज़ͰPunditΛὃ͢ɺϞϯΩʔ ύονΛ౰ͯΔɺPolicyΫϥεΛ޻෉͢ΔͳͲ)

Slide 34

Slide 34 text

Problem of Pundit (3)   UserPolicy show?   UsersController show   Admin::UsersController show User ‣ UsersControllerͱAdmin::UsersControllerͷshowͷೝՄ৚݅ ͕ҧ͏৔߹ɺUserPolicyͱAdmin::UserPolicy͕ཉ͘͠ ͳΔ͕1ͭͷModelʹରͯ͠͸1ͭͷPolicy͔͠ඥ෇ ͚Δ͜ͱ͸Ͱ͖ͳ͍

Slide 35

Slide 35 text

ʨ΁ `≡ŋŐŋ≡´ʩ΁ ᵪᴸᴸᴸᵪ

Slide 36

Slide 36 text

ʨ›`≡ŋŐŋ≡´ʩ›ớ ᵲᴸᴸᴸᵲ

Slide 37

Slide 37 text

ʨ΁ `≡ŋŐŋ≡´ʩ΁ ᵪᴸᴸᴸᵪ

Slide 38

Slide 38 text

Make a hypothesis for authorization ‣ ݖݶ؅ཧ͕ϞσϧدΓͷ੹຿ͳΒɺຊདྷೝՄର ৅͸ControllerͷActionͰͳ͘ActiveRecordͷ ૢ࡞ܥϝιου(create, updateͳͲ)Ͱ͸ͳ͍͔  ‣ ͔͠͠ɺͦΕͰ͸ొ࿥ɺߋ৽ɺ࡟আ͸ೝՄՄೳ ͕ͩࢀরΛೝՄͰ͖ͦ͏ʹͳ͍ ‣ ΍͸Γݖݶ؅ཧ͸ControllerدΓͷ੹຿ͳͷͰ ͸ͳ͍͔

Slide 39

Slide 39 text

https://github.com/kyuden/banken

Slide 40

Slide 40 text

Choose banken gem

Slide 41

Slide 41 text

Design concept of Banken ‣ Controllerຖʹ  Actionʹର͢ΔೝՄ৚݅Λఆٛ

Slide 42

Slide 42 text

Architecture with Banken ‣ ControllerຖʹLoyaltyΫϥεΛ࡞੒͠Action ʹର͢ΔೝՄ৚݅Λఆ͍ٛͯ͘͠   A Loyalty   Controller A update destroy update? destroy?

Slide 43

Slide 43 text

How to use Banken v

Slide 44

Slide 44 text

Description of Banken (1) ‣ Pundit likeͳAPIΛอͪͳ͕ΒPunditͷ ModelدΓͷ੹຿ΛControllerدΓʹॻ͖ ׵͑ͨgem 

Slide 45

Slide 45 text

Description of Banken (2)   Admin::UsersLoyalty show?   UsersController   Admin::UsersController show   UsersLoyalty show? show ‣ ControllerຖʹLoyaltyΫϥεΛ࡞੒͠ Modelʹ͸ґଘ͠ͳ͍ͷͰɺલड़ͨ͠ Punditͷऑ఺΋ճආͰ͖Δ

Slide 46

Slide 46 text

Description of Banken (3) ‣ Punditಉ༷ʹ಺෦࣮૷͸RailsͷϞϯΩʔ ύονͳͲͷ֦ுΛߦ͍ͬͯͳ͍ͷͰRails ͷόʔδϣϯΞοϓʹΑΔӨڹΛड͚ʹ͘ɺ ࠓ·Ͱ௨Γݩؾʹ৲ඌΛৼͬͯಈ͍ͯ͘Ε Δ  ‣ LoyaltyΫϥε͸୯ͳΔRubyͷΫϥεͰ͋ ΔͨΊϞδϡʔϧԽͨ͠Γܧঝͤͨ͞Γཁ ݅ʹԠͯ͡ॊೈʹ࣮૷Ͱ͖Δ

Slide 47

Slide 47 text

Problem of Banken ‣ Bankenʹ͸੹຿ΛModel͔ΒControllerدΓʹ Ҡͨ͠ࣄͰPunditͰ͍͏ॴͷScopeػೳ͕ͳ͍  ‣ Scopeػೳͱ͍͏ͷ͸ɺݖݶ͝ͱʹ࢖༻͢Δ named scopeΛ੾Γସ͑Δػೳ ‣ ͕͔͠͠ɺnamed scopeͷ੾Γସ͕͑ඞཁͳ৔ ߹͸୯७ʹModelʹ࣮૷͢Ε͹ྑ͍ͷͰɺඞͣ͠ ΋Scopeػೳ͕ඞཁ͔ͱ͍͑͹ͦΜͳ͜ͱ͸ͳ͍

Slide 48

Slide 48 text

Difference between Banken and Pundit Banken ‣ ControllerدΓͷݖݶ؅ཧ ‣ Scopeػೳ͕࢖༻Ͱ͖ͳ͍ ‣ ModelɺControllerͷؔ܎͕ෳࡶʹͳͬͯ΋ɺҰ؏͠ ͯBankenຊདྷͷ࢖͍ํΛଓ͚Δ͜ͱ͕Ͱ͖Δ Pundit ‣ ModelدΓͷݖݶ؅ཧ ‣ Scopeػೳ͕࢖༻Ͱ͖Δ ‣ ModelɺControllerͷؔ܎͕ෳࡶʹͳΔͱɺ։ൃऀࣗ਎Ͱ͜ͷ໰ ୊Λղܾ͢Δඞཁ͕͋ΓɺPunditຊདྷͷ࢖͍ํ͔Β֎ΕΔ৔ ߹͕͋Δ

Slide 49

Slide 49 text

΋͏ҰͭBankenʹ͸଍Γͳ͍ࣄ͕

Slide 50

Slide 50 text

࡞ͬͨ͹͔ΓͳͷͰར༻ऀ͕গͳ͍͜ͱ  (github star΍࣮ࡍͷϓϩδΣΫτͰ࢖ͬͯ΋Β͑Δͱخ͍͠Ͱ͢ )

Slide 51

Slide 51 text

Tutorial (ӳޠ &೔ຊޠ)΋WIKIʹ͋Γ·͢ 

Slide 52

Slide 52 text

1ΞϓϦʹ1ඖ  BankenΛࣂͬͯΈͯ͸͍͔͔͕Ͱ͔͢

Slide 53

Slide 53 text

·ͱΊ ‣ ݖݶ؅ཧͱ͸ ‣ ݖݶ؅ཧܥGemͷൺֱ ‣ CanCanCan ‣ Pundit ‣ Banken  ‣ ίʔυͷඒ͚ͩ͠͞Ͱͳ͘ΑΓઃ ܭతͳࢹ఺(Architecture, Design concept)Ͱ GemΛධՁ͢Δͱ৽͍͠ൃݟ͕͋Δ

Slide 54

Slide 54 text

END