mar*_*ion 12 devise cancan ruby-on-rails-4 rolify cancancan
我正在使用CanCanCan,Devise和Rolify.
我ApplicationController看起来像这样:
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :new_post
rescue_from CanCan::AccessDenied do |exception|
redirect_to root_url, :alert => exception.message
end
def new_post
@post = Post.new
end
end
我routes.rb看起来像这样:
authenticate :user, lambda { |u| u.has_role? :admin or :editor } do
get 'newsroom', to: 'newsroom#index', as: "newsroom"
get 'newsroom/published', to: 'newsroom#published'
get 'newsroom/unpublished', to: 'newsroom#unpublished'
end
# truncated for brevity
root to: "posts#index"
这是我ability.rb的相关:
elsif user.has_role? :member
can :read, :all
cannot :read, :newsroom
因此当我登录时:member,我尝试去/newsroom,我收到此错误:
NameError at /newsroom
uninitialized constant Newsroom
而不是被重定向到root_url同一个:alert像我本来期望.
不知道这里发生了什么.
编辑1
对于它的价值,我只有在将此添加到我的时才会得到NewsroomController:
authorize_resource
事实证明,问题出在我授权Newsroom控制器的方式上 - 因为Newsroom它是一个非静态控制器(即没有与Newsroom.
我必须将其添加到控制器的顶部:
authorize_resource :class => false
如此处指定: https: //github.com/CanCanCommunity/cancancan/wiki/Non-RESTful-Controllers#alternative-authorize_resource
| 归档时间: |
|
| 查看次数: |
696 次 |
| 最近记录: |