Backup Log

[zhandao]

• cache
• list instances that have given roles or permissions
• check the test which for testing multi-calling with same args [next]
• make_sure (controller helper) [NEXT]
• 解决在同一 querying 中查询多次相同的 stored_ [next]
• querying in ONE SQL
• test complete: group (include group#can), can_each, is_one_of .. [next]
• expire
• can manage User but cannot manage user
• group which_can
• he can manage User and user, if cannot manage User, should do also cannot manage user automaticlly?
• when auto define mode Role Definition Done, but name ["string1"] have been used by other role or group (redefine) [next]
• config: 可选择必须存储数据库，方法名取消前缀 stored
• pred -> action [next]
• role status machine
• docs: errors, support diff subjects
• docs: why? features, performance, High customization
• User.which
• role.add user, 批量定义和赋予 [NEXT]
• remove_roles from group
• before and after action
• [ ]
• [ ]

[zhandao]

# TODO: base_role => parent_role
# TODO: support multi-level tree
def org_roles *children, by_parent:, **options
  has_role  by_parent, options.merge!(children: children)
  has_roles children, options.merge!(parent: by_parent)
end

[zhandao]

module PermissionQuerying
  def can? pred, obj0 = nil, obj: nil, without_group: false
    obj = obj0 || obj
    return true if temporarily_can?(pred, obj)
    # permission = ii_config.permission_model.which(pred: pred, obj: obj)
    # return true if is_one_of? *permission.related_roles.map(&:name)
    # stored_roles.each { |role| return true if role.can? pred, obj }
    return true if ii_config.permission_model.matched?(pred: pred, obj: obj, in: permissions_of_stored_roles)
    return false if without_group || ii_config.without_group
    # is_in_one_of? *permission.related_role_groups.map(&:name)
    ii_config.permission_model.matched?(pred: pred, obj: obj, in: permissions_of_role_groups)
  end
end

[zhandao]

• doc
• generator
• which_can
• role group disable
• subject_am, subject_can
• test for can? and can!
• cancel assigment
• has_array_of => has many thought [NEXT] and will be not limited db
• configable filed name role_ids, permission_ids [next]
• merge migrations to 1 file [next]
• rails g option: role and permission model name [next]
• def and assgin return true or false
• 解决 User 类还没初始化时 method not found 问题
• role group locally
• test local permission [next]
• maintainablity [next]
• 测试自动清理 User 的 local role & permission
• falls_from & cannot auto find both in local and db
• dont show xx done if all fail [next] !!!
• uniq index with deleted_at [next]
• 不循环判断 all_of? [NNNNEXT]
• use role and permission model name in methods, like stored_my_roles [NEXT]
• user.roles.permissions.where(pred: 'pull').objs(Source)
  to: polymorphic user.permissions(:pull, Source).objs and Source.that_allow(user).to(:pull) [next]
• can / falls ... could receive a record [NEXT] !!!
• result return record or false
• result dont print anything if do nothing
• test pass record
• 使用专门的入参层重构
• saved in local，and then save to db，？=> 方案：定义互通，单向赋值（db -> temporary），且赋值时记录是 db 还是 local 的 role；查询权限时同时查：stored role 的 local 和 stored 权限