使用 CanCan 通过模型关联验证用户的能力
我有一个如下所示的 TakeAction 模型:
class TakeAction < ActiveRecord::Base
belongs_to :user
has_many :take_action_notes
attr_protected :user_id
end
和一个如下所示的 TakeActionNote 模型:
class TakeActionNote < ActiveRecord::Base
belongs_to :take_action
validates_presence_of :note
end
使用 CanCan,我试图允许拥有 take_action 的用户创建和销毁(管理)笔记。
我尝试过用这样的块来定义能力。
can :manage, TakeActionNote do |action, note|
note.take_action.user.id == user.id
end
我可以毫无问题地向 take_action 添加注释,但是当我尝试销毁它时,我得到:
Take actionnotesController#33 中的 NoMethodError undefined method `take_action' for nil:NilClass
有什么我遗漏或做错的吗?任何帮助表示赞赏。谢谢!
I have a TakeAction model that looks like this:
class TakeAction < ActiveRecord::Base
belongs_to :user
has_many :take_action_notes
attr_protected :user_id
end
and a TakeActionNote model that looks like this:
class TakeActionNote < ActiveRecord::Base
belongs_to :take_action
validates_presence_of :note
end
Using CanCan, I'm trying to allow the user that owns the take_action to create and destroy (manage) notes.
I've tried defining abilities with a block like this.
can :manage, TakeActionNote do |action, note|
note.take_action.user.id == user.id
end
I can add notes to the take_action without any problem but when I try to destroy it I get:
NoMethodError in Take action notesController#33
undefined method `take_action' for nil:NilClass
Is there anything I'm missing or doing wrong? Any help is appreciated. Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
问题实际上出在 TakeActionNotes 控制器中。和康康没关系。
另外,我将 Skill.rb 中的阻止条件更改为哈希条件,如下所示:
The problem was actually in the TakeActionNotes controller. Nothing to do with CanCan.
Also, I changed the block condition to a hash condition in my Ability.rb to look like: