Cancan 并不总是显示授权链接
我正在使用 Cancan 来控制用户能力,最近遇到了一个奇怪的问题:我的部分有一个“销毁”超链接,仅有时对授权用户显示。当我刷新页面时,不知道该链接是否存在。
我已按以下方式在 Ability.rb 中为我的 Event 模型定义了能力:
can [:create, :update, :destroy], Event do |event|
user.regattas(true).include?(event.regatta)
end
我使用 regattas(true) 来防止系统使用缓存的关联,以防最近发生更改。
在我的 rspec 测试中,这对于当前用户非常有用,无论是在我的 Ability.rb 测试中还是在我的 EventsController 测试中。
这里是破坏。销毁我的 _event.html.erb 部分中的超链接,我只想在用户有能力销毁 event 时出现:
<% if can? :destroy, event %>
<td><%= link_to 'Destroy', event, :confirm => 'Are you sure?', :method => :delete %></td>
<% end %>
有关如何修复闪烁的任何建议,以及获取“销毁”链接以始终向授权用户显示?还有其他人遇到过这个问题吗?
更多背景:我对另一段代码没有这个问题,不是部分代码,如下所示:
<% if can? :update, @regatta %>
<%= link_to 'Edit Regatta Info', edit_regatta_path(@regatta) %> |
<% end %>
谢谢大家。
I'm using Cancan to control User abilities, and have recently run into an odd issue: my partial has a "destroy" hyperlink that shows up only sometimes for authorized users. When I refresh the page, there's no telling whether the link will exist or not.
I've defined abilities for my Event model in Ability.rb in the following way:
can [:create, :update, :destroy], Event do |event|
user.regattas(true).include?(event.regatta)
end
I use regattas(true) to prevent the system from using the cached associations, in case something's changed recently.
In my rspec tests, this works great for the current user, both in my tests for Ability.rb and my EventsController tests.
Here's the destroy. destroy hyperlink in my _event.html.erb partial, that I only want to appear when the user has the ability to destroy event:
<% if can? :destroy, event %>
<td><%= link_to 'Destroy', event, :confirm => 'Are you sure?', :method => :delete %></td>
<% end %>
Any advice for how fix the flickering, and get the "Destroy" link to ALWAYS show up for authorized users? Has anyone else run into this issue?
More background: I don't have this issue for another piece of code, not in a partial, shown here:
<% if can? :update, @regatta %>
<%= link_to 'Edit Regatta Info', edit_regatta_path(@regatta) %> |
<% end %>
Thanks, all.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
Ryan Bates 实际上在这个cancan github 问题上为我回答了这个问题。看起来 Cancan 使用
default_scope的模型存在一个已知问题,记录在 这张票。就我而言,event.rb包含对default_scope的调用。去掉这条线就完全解决了这个问题。关于第二张票的讨论表明这是 Ruby on Rails 的问题,正如灯塔票中所述。
希望这可以帮助其他人解决这个奇怪的问题!谢谢,瑞安……如果你碰巧在这个问题上发帖,我会把答案转给你。
Ryan Bates actually answered this one for me, on this cancan github issue. Looks like Cancan has a known issue with models using
default_scope, documented on this ticket. In my case,event.rbincluded a call todefault_scope. Taking that line out completely fixed the issue.The discussion on the second ticket indicated that this was an issue with Ruby on Rails, as discussed in this lighthouse ticket.
Hope this helps anyone else with this strange issue! Thanks, Ryan... I'll switch the answer over to you, if you happen to post on this.