CanCan，索引和显示之间有什么不同？

发布于 2024-12-01 20:58:43 字数 209 浏览 0 评论 0原文

我在能力.rb 中有以下内容，

  can :index, Thread

  can :show, Thread do |thread|
    1 == 2
  end

我将显示结果硬编码为 false 以测试失败。令人震惊的是，演出从未失败。线程索引和线程都显示返回，而不会导致 CanCan 访问被拒绝。这是怎么回事？建议？谢谢

原文

I have the following in ability.rb

  can :index, Thread

  can :show, Thread do |thread|
    1 == 2
  end

I hard coded show to result as false to test a fail. Shockingly, show never fails. Both Thread index and Thread show both return without resulting in a CanCan access denied. What's going on with that? Suggestions? Thx

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

攒一口袋星星 2024-12-08 20:58:43

正如此处 所示： index 和 :show 是 :read 的别名，这意味着它们是同义词。

当您说 can :index, Thread 时，意味着用户将能够读取任何内容。
当您稍后定义第二条规则时 can :show, Thread {|t| 1 == 2}，CanCan 对连续规则的查询是析取的，即 result =rule1 或rule2。要通过差异计算结果 result = Rule1 - Rule2，请使用 cannot 作为第二条规则：

cannot :show, Thread {|t| 1 == 2}

As can be seen here :index and :show are aliases of :read, that means they are synonyms.

When you say can :index, Thread that means the user will be able to read anything.
When you later define second rule can :show, Thread {|t| 1 == 2}, the CanCan query for successive rules is disjunctive, that is result = rule1 or rule2. To have the result computed via difference result = rule1 - rule2 use cannot for the 2nd rule: