当CASL中没有为给定主题提供任何规则时,检查该主题的能力总是返回false。
。
import { Ability } from '@casl/ability';
const ability = new Ability({
action: "read", subject: "FirstSubject",
// no rule for SecondSubject
});
ability.can("read", "FirstSubject"); // true
ability.can("write", "FirstSubject"); // false
ability.can("read", "SecondSubject"); // false <-- These two lines should
ability.can("write", "SecondSubject"); // false <-- return `true`是否有可能以一种方式改变这种行为,使能力返回没有任何规则的主题的true?
在我的用例中,我有大量的主题,新的主题可以动态添加。每当添加新主题时,总是必须添加{ action: "manage", subject: "NewSubject"}是困难的。我宁愿只为那些实际受到限制的主题添加规则。
根据与CASL作者的聊天,这是不可能实现的。
这是一个办法:
import {Ability} from '@casl/ability';
class AppAbility extends Ability {
relevantRuleFor (action, subject, field, allowNotDefinedRule) {
const rule = super.relevantRuleFor(action, subject, field);
if (!rule && allowNotDefinedRule) {
return {inverted: false};
}
return rule;
}
}
export const ability = new AppAbility([]);
那么你可以这样使用:
ability.can('read', 'Post', undefined, true);
请注意,您的组件将无法正常工作,因为在源代码中,它有以下代码具有私有修饰符:
private _canRender () {
const props = this.props;
const subject = props.of || props.a || props.an || props.this || props.on;
const can = props.not ? 'cannot' : 'can';
return props.ability[can](props.I || props.do, subject, props.field);
}
在这种情况下,您需要创建自己的组件。
你可以这样做:
import { defineAbility } from '@casl/ability'
const ability = defineAbility((can, cannot) => {
can(['read','write'],'all')
cannot('write', 'FirstSubject')
})
console.log( ability.can("read", "FirstSubject")) // true
console.log(ability.can("write", "FirstSubject")) // false
console.log(ability.can("read", "SecondSubject")) // true
console.log(ability.can("write", "SecondSubject")) // true