Rob*_*rty 6 cancan activeadmin ruby-on-rails-3.2
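Using the CanCan adapter in ActiveAdmin 0.6.0. I have resources working and authorization is working. However, when I go to the /admin root ActiveAdmin page, it redirects to /admin and continues forever.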
Rob*_*rty 13
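ActiveAdmin redirects to the Dashboard if a user is not authorized to access a page. If the user is not authorized to access the Dashboard, this results in an infinite redirect.
The solution is to give the user the ability to read the Dashboard page. Put this in the ability model object: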
can :read, ActiveAdmin::Page, :name => "Dashboard"
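This is mentioned in the Authorization Adapter documentation, but the infinite redirect appears to be caused by a bug in ActiveAdmin. It neither raises CanCan::AccessDenied nor shows a message to the user. At a minimum, it should show a message in development to help resolve this issue. But currently it does not.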
You can use the config.on_unauthorized_access configuration option, as described here.
# You can also specify a method to be called on unauthorized
# access. This is necessary in order to prevent a redirect
# loop that can happen if a user tries to access a page they
# don't have permissions for
# (see [#2081](https://github.com/gregbell/active_admin/issues/2081)).
config.on_unauthorized_access = :render_403
The method access_denied would be defined in application_controller.rb. Here is an example that redirects the user from the page they don't have permission to access to a resource they do have permission to access (organizations in this case), and also displays the error message in the browser:
class ApplicationController < ActionController::Base
  def access_denied(exception)
    redirect_to admin_organizations_path, :alert => exception.message
  end
end
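The following is an added example, not code from either answer or from ActiveAdmin: a simplified, stand-alone Ruby model of the redirect behaviour both answers describe, usable as a check that every role can reach the page unauthorized requests are sent to. The role names, paths and the helpers `resolve` and `roles_that_loop` are assumptions made for illustration.

```ruby
# Simplified model of the behaviour described above; not ActiveAdmin or CanCan code.
# Each role's permissions are modelled as the set of paths it may read.
require "set"

MAX_HOPS = 10 # safety bound on the number of simulated redirects

# Follows "unauthorized -> redirect to fallback" until a page is served or a
# path repeats. Returns [:ok, path] or [:loop, trail_of_visited_paths].
def resolve(start_path, allowed, fallback)
  trail = []
  path = start_path
  MAX_HOPS.times do
    return [:ok, path] if allowed.include?(path)
    return [:loop, trail + [path]] if trail.include?(path)
    trail << path
    path = fallback
  end
  [:loop, trail]
end

# Audit: a role that cannot read the fallback page loops on every denied request.
def roles_that_loop(roles, fallback)
  roles.reject { |_name, allowed| allowed.include?(fallback) }.keys
end

# Constructed sample roles (hypothetical names and paths).
ROLES = {
  "admin"  => Set["/admin", "/admin/organizations", "/admin/users"],
  "editor" => Set["/admin/organizations"] # lacks read access to the Dashboard
}

DASHBOARD = "/admin"

# Case from the question: the Dashboard itself is denied, so /admin -> /admin forever.
p resolve("/admin", ROLES["editor"], DASHBOARD)
# First answer: grant read on the Dashboard, and the denied request lands there.
p resolve("/admin/users", ROLES["editor"] | Set[DASHBOARD], DASHBOARD)
# Second answer: send denied requests to a resource the role can already read.
p resolve("/admin", ROLES["editor"], "/admin/organizations")
# Audit all roles against the chosen fallback before deploying an ability change.
p roles_that_loop(ROLES, DASHBOARD)
```

Running the audit in a test suite against the real ability definitions catches a role added later without Dashboard access.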