Authorizing users with cancan and devise

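I have a User model created with Devise that has an admin field and a role. I am trying to create an Ability class so that non-admin users get certain abilities based on their role, but I am having problems with the process. I set up an authorized controller: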

class AuthorizedController < ApplicationController
 before_filter :authenticate_user!
 check_authorization :unless => :devise_controller?
 load_and_authorize_resource

 rescue_from CanCan::AccessDenied do |exception|
  flash[:alert] = exception.message
  redirect_to root_url
 end

end

class Ability
  include CanCan::Ability

  def initialize(user)
    if !user
      can  :read, :all
    end

    if user
      admin_rules if user.admin?
      commenter_rules if user.role.equal?("1")
      author_rules if user.role.equal?("2")
    end
  end

  def admin_rules
    can :manage, :all
  end

  def commenter_rules
    can :manage, Data, :active => true, :user_id => user.id
  end

  def author_rules
    can :manage, Post, :active => true, :user_id => user.id
  end 
end

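Now, whenever I try to view any page, it raises an exception with the message "You are not authorized to access this page", and I can't get into that part of the site.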

Answers

I have a feeling that can is working correctly. Try this:

  1. Temporarily take out the check_authorization
  2. Add a few lines of content so you can see which abilities you have:

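    %h1 What abilities do I have?
    %ul
      -# "=" makes HAML evaluate the call instead of printing it as text
      %li= "can?(:manage, Data): #{can?(:manage, Data)}"
      %li= "can?(:manage, :all): #{can?(:manage, :all)}"
      %li etc..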
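
The ability listing suggested in the answer, as a runnable added example that is not part of the original post and does not use the cancan gem. `SketchAbility`, `Note` and `ability_report` are hypothetical plain-Ruby stand-ins, and the role dispatch compares with `==` because `equal?` tests object identity.

```ruby
# Plain-Ruby stand-in for a CanCan-style Ability (not the cancan gem).
# User and Post follow the question; Note stands in for its Data model,
# because Data is a core class since Ruby 3.2. All records are constructed.
User = Struct.new(:id, :admin, :role) do
  def admin?; admin; end
end
Post = Struct.new(:user_id, :active)
Note = Struct.new(:user_id, :active)

class SketchAbility
  def initialize(user)
    @rules = []                      # deny by default: no rule, no access
    return can(:read, :all) if user.nil?
    can :manage, :all if user.admin?
    # == compares string contents; equal? tests object identity, which is
    # false for a role string that was loaded from a database row.
    can :manage, Note, active: true, user_id: user.id if user.role == "1"
    can :manage, Post, active: true, user_id: user.id if user.role == "2"
  end

  def can(action, subject, conditions = {})
    @rules << [action, subject, conditions]
  end

  def can?(action, target)
    on_class = target.is_a?(Class) || target == :all
    klass = on_class ? target : target.class
    @rules.any? do |act, subj, conds|
      next false unless act == :manage || act == action
      next false unless subj == :all || subj == klass
      # A class-level check skips conditions; an instance must satisfy all.
      on_class || conds.all? { |attr, want| target.public_send(attr) == want }
    end
  end
end

# Same idea as the answer's list: one row per check, with its result.
def ability_report(user, checks)
  ability = SketchAbility.new(user)
  checks.map { |action, target| [action, target.inspect, ability.can?(action, target)] }
end

author = User.new(7, false, "2".dup)   # role as a fresh String object
checks = [[:manage, Post], [:manage, Post.new(7, true)],
          [:manage, Post.new(8, true)], [:manage, :all]]
ability_report(author, checks).each { |row| puts row.inspect }
puts "role.equal?(\"2\") => #{author.role.equal?("2")}"
```

A report in which every row is false for a logged-in non-admin points at the role dispatch in `initialize` rather than at the controller.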
    



