Skip to content

Descriptors

A descriptor in the context of the Lesli Security gem is a collection of rails controllers and actions paths, this means we store in the database the route of every controller and their corresponding actions registered in the route.rb file.

Example:

ControllerActionAllowed
Usersindextrue
Usersshowtrue
Userscreatetrue
Usersedittrue
Usersdeletefalse

Of course to have a well designed and a good integrity in the database we have to split this into multiples tables:

  • System controllers: All the controllers registered in the routes.rb file.
  • System controller actions: The actions available in every controller.
  • Descriptors: Just the head of the descriptor map.
  • Descriptor privileges: The relation and status between controller, action and descriptor.

Using this database structure we can create a view to manage the collection of controllers/actions that belongs to a descriptor: