CanCan - 查找特定类的未定义方法
我有一个名为管理员的控制器。该控制器对其他模型有操作。当我尝试使用 CanCan 授权此操作时,我收到此响应。
<h1>
NoMethodError
in AdministratorController#preproduct_delete
</h1>
<pre>undefined method `find' for Administrator:Class</pre>
控制器代码开头为:
class AdministratorController < ApplicationController
load_and_authorize_resource
before_filter :authenticate_user!
def users
authorize! :users, "Users List"
@users = User.all
end
end
能力模型具有:
if user.admin? then :admin
can :users
end
authenticate_user! 方法:
# See ControllerAdditions#authorize! for documentation.
def authorize!(action, subject, *args)
message = nil
if args.last.kind_of?(Hash) && args.last.has_key?(:message)
message = args.pop[:message]
end
if cannot?(action, subject, *args)
message ||= unauthorized_message(action, subject)
raise AccessDenied.new(message, action, subject)
end
subject
end
我尝试从控制器中删除 load_and_authorize_resource,但是当调用任何操作时,CanCan 每次都会将我重定向到登录页面。
多谢
I have a controller named Administrator. This controller has actions to anothers models. When I try to authorize this actions with CanCan I get this response.
<h1>
NoMethodError
in AdministratorController#preproduct_delete
</h1>
<pre>undefined method `find' for Administrator:Class</pre>
The controller code begins with:
class AdministratorController < ApplicationController
load_and_authorize_resource
before_filter :authenticate_user!
def users
authorize! :users, "Users List"
@users = User.all
end
end
The ability model has:
if user.admin? then :admin
can :users
end
The authenticate_user! method:
# See ControllerAdditions#authorize! for documentation.
def authorize!(action, subject, *args)
message = nil
if args.last.kind_of?(Hash) && args.last.has_key?(:message)
message = args.pop[:message]
end
if cannot?(action, subject, *args)
message ||= unauthorized_message(action, subject)
raise AccessDenied.new(message, action, subject)
end
subject
end
I tried to remove load_and_authorize_resource from the controller, but when any action is called, CanCan redirects me to login page every time.
Thanks a lot
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您没有指定权限, can :user 是什么意思?指定一个权限,所有权限使用:manage。
You did not specified the permission, what does can :user mean ? specify a permission, for all permissions use :manage.
请粘贴 AdministratorController 的 preproduct_delete
Administrator 是否继承自 ActiveRecord::Base ?如果没有找到是因为没有。
它应该是
authenticate_user!方法:这不是authenticate_user!方法,这就是授权! 非常不同,你有 before_filterauthenticate_user!在此发布此方法。有东西正在调用 preproduct_delete。
Please paste preproduct_delete of AdministratorController
Is Administrator inheriting from ActiveRecord::Base ? if it doesn't have find is because is not.
it should be
The
authenticate_user!method:THIS IS NOT the authenticate_user! method, this is authorize! very different, you have before_filter authenticate_user! post this method here. Something is calling preproduct_delete.
一种可能的原因是需要显式设置类名。在我的示例中,我将注释资源嵌套在线程资源下,并且我在控制器中编写了以下内容:
这给了我
未定义的查找方法错误,因为注释模型位于线程命名空间下。当我像下面这样明确设置它时,它就起作用了。One possible reason is that the class name needs to be explicitly set. In my example I had the comments resource nested under the thread resource, and I was writing the following in controller:
This gives me
undefined find methoderror, because comment model was under the thread namespace. When I explicitly set it like the following it works.