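rails7: Back-office users admins-roles-permissions/rbac

Back-office user functionality commonly found in systems
Updated: 2023-12-07 21:59:41

Features

The functionality I want to cover: an administrator role logs in and can configure menus, while ordinary user roles use the system.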

  • admins
  • roles
  • permissions

Also

  • has_secure_password: so remember to enable gem "bcrypt", "~> 3.1.7"

Basic model tables

  • admins: back-office administrators
  • roles: roles
  • permissions: permissions
  • posts: articles

# admins table
rails g model Admin name:string:uniq email:string password_digest:string role:references
# roles table
rails g model Role name:string:uniq
# permissions table
rails g model Permission name:string:uniq
# CMS posts table
rails g model Post title:string content:text admin:references

# generate the first batch of tables first
rails db:migrate

Model associations

In app/models/admin.rb:

class Admin < ApplicationRecord
  # Needed for the password/password_confirmation attributes used when creating admins
  has_secure_password

  belongs_to :role
  has_many :posts
end

In app/models/role.rb:

class Role < ApplicationRecord
  has_many :admins
  has_and_belongs_to_many :permissions
end

In app/models/permission.rb:

class Permission < ApplicationRecord
  has_and_belongs_to_many :roles
end

In app/models/post.rb:

class Post < ApplicationRecord
  belongs_to :admin
end

Create the many-to-many join table

  • Alphabetical order
  • Number of words, length-precedence rule
  • Handling rule for shared prefixes

rails g migration CreateJoinTableRolesPermissions permissions roles
rails db:migrate

Create test data

  1. Roles: roles
  2. Permissions: permissions

# roles
role1 = Role.create(name: 'admin')
role2 = Role.create(name: 'editor')
role3 = Role.create(name: 'author')

# permissions
p1 = Permission.create(name: 'post.index')
p2 = Permission.create(name: 'post.show')
p3 = Permission.create(name: 'post.create')
p4 = Permission.create(name: 'post.update')
p5 = Permission.create(name: 'post.destroy')

Add users

Add users and assign them roles

## create admins
adm1 = Admin.new(name: 'adm1', email: 'adm1@dev.com', password: '123456', password_confirmation: '123456')
adm1.role = role1
adm1.save!

## create editors
adm2 = Admin.new(name: 'adm2', email: 'adm2@dev.com', password: '123456', password_confirmation: '123456')
adm2.role = role2
adm2.save!

## create authors
adm3 = Admin.new(name: 'adm3', email: 'adm3@dev.com', password: '123456', password_confirmation: '123456')
adm3.role = role3
adm3.save!

Add permissions to roles

## ---- permissions for admin
role1.permissions << Permission.find_by(name: 'post.index')
role1.permissions << Permission.find_by(name: 'post.show')
role1.permissions << Permission.find_by(name: 'post.create')
role1.permissions << Permission.find_by(name: 'post.update')
role1.permissions << Permission.find_by(name: 'post.destroy')

## ---- permissions for editor
role2.permissions << Permission.find_by(name: 'post.index')
role2.permissions << Permission.find_by(name: 'post.show')
role2.permissions << Permission.find_by(name: 'post.create')
role2.permissions << Permission.find_by(name: 'post.update')

## ---- permissions for author
role3.permissions << Permission.find_by(name: 'post.show')
role3.permissions << Permission.find_by(name: 'post.create')
role3.permissions << Permission.find_by(name: 'post.update')

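Permissions end up out of order as they are added

  • Permissions of the same category get added at different times
  • When actually querying them, you can sort

[Figures: insertion order in the database; sorted by name; order as queried]

class Permission < ApplicationRecord
  has_and_belongs_to_many :roles

  # ... 10000 lines of code omitted
  
  def self.ordered_permissions
    Permission.all.order(:name)
  end
end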
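
An added example, not from the original post: a plain-Ruby version of the deny-by-default check that the role/permission data above is meant to drive. The Struct stand-ins for the models, ROLES, permission_for, allowed?, authorize! and AccessDenied are hypothetical names, and the controller/action to permission mapping (for instance posts#edit to post.update, with naive singularization) is an assumption.

```ruby
require 'set'

# Plain-Ruby stand-ins for the page's Role and Admin models (no database needed).
Role  = Struct.new(:name, :permissions)
Admin = Struct.new(:name, :role)

class AccessDenied < StandardError; end

# Constructed data: the same role/permission matrix the seed code above builds.
ROLES = {
  'admin'  => Role.new('admin',  Set['post.index', 'post.show', 'post.create', 'post.update', 'post.destroy']),
  'editor' => Role.new('editor', Set['post.index', 'post.show', 'post.create', 'post.update']),
  'author' => Role.new('author', Set['post.show', 'post.create', 'post.update'])
}.freeze

# Assumption: form-rendering actions share the permission of the action they submit to.
ACTION_ALIASES = { 'new' => 'create', 'edit' => 'update' }.freeze
KNOWN_ACTIONS  = %w[index show create update destroy].freeze

# Map a controller/action pair to a permission name such as 'post.index'.
# Returns nil for actions outside the known set, so they are never allowed.
def permission_for(controller, action)
  action = ACTION_ALIASES.fetch(action.to_s, action.to_s)
  return nil unless KNOWN_ACTIONS.include?(action)

  "#{controller.to_s.chomp('s')}.#{action}" # naive singularization: posts -> post
end

# Deny by default: no admin, no role, or no matching permission means false.
def allowed?(admin, controller, action)
  permission = permission_for(controller, action)
  return false if permission.nil? || admin.nil? || admin.role.nil?

  admin.role.permissions.include?(permission)
end

# What a controller before_action would call; raises instead of silently continuing.
def authorize!(admin, controller, action)
  return true if allowed?(admin, controller, action)

  raise AccessDenied, "#{admin&.name || 'anonymous'} may not #{action} #{controller}"
end
```

With the matrix above, the author role can show, create and update posts but cannot list or destroy them, and any action without a mapped permission is refused for every role.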
