As you are using Rails, you can create these rules in Backend using Cancancan.
Read the documentation for installation and configuration. All access rules are carried out in the file ability.rb
, for your case your setting would look something like this:
class Ability
include CanCan::Ability
def initialize(usuario)
usuario ||= Usuario.new
if usuario.administrador_geral?
can :manage, :all
end
if usuario.administrador_local?
can :manage, LocalModelOne
can :manage, LocalModelTwo
end
if usuario.mantenedor?
can :manage, RestrictModelOne
can :manage, RestrictModelTwo
can :read, VeryRestrictModelOne
end
end
end
Well, I put up some fake rules just to give you an idea of the structure, but you’ll make up your own rules.
The methods administrador_geral?
, administrador_local?
and mantenedor?
are verification methods you will create in your model Usuario
, for example
def mantenedor?
usuario.tipo == MANTENEDOR_TIPO
end
Only one way it can be done, but as your question is very open, there is no way to give a closed solution, good luck.
This question seems to me too wide. And besides, you need to have at least one basis for us to be able to base ourselves here (for an eventual answer). From scratch it’s hard to help :D
– Wallace Maxters
Take a look at this response question.
– gato