Rails 3.1:可以吗?方法总是返回 false
我的 Rails 应用程序有问题。我使用 cancan 对某些用户隐藏一些链接。 我没有收到任何错误,并且用户的角色被正确识别。但无论我尝试什么,我的链接都不会显示。 can?-方法始终返回 true。 这是我的能力等级:
class Ability
include CanCan::Ability
def initialize(user)
current_user ||= User.new # guest user (not logged in)
puts "Debug"
if current_user.role?(:Admin)
can :manage, Prof
else
if current_user.role?(:Proff)
can :manage, [Exam, Note, Student,Break,Appointment]
else
if current_user.role?(:Student)
can :update, Appointment
can :show, Exam
end
end
end
end
end
这是我的观点:@exam 绝对不是零。我也尝试过 Exam 和 :exam,但没有任何作用。
<% if can? :edit, @exam%>
<%= link_to 'Bearbeiten', edit_exam_path(@exam) %> |
<%= link_to 'Alle Prüfungen', exams_path %>
<% end%>
我不知道这是否重要,但这就是我的控制器的头部:
class ExamsController < ApplicationController
before_filter :login_required
skip_authorization_check
...
我的考试模型:
class Exam < ActiveRecord::Base
belongs_to :prof
validates_presence_of :prof_id,:title,:deadline
has_many :examdates, :dependent => :destroy
accepts_nested_attributes_for :examdates,
:allow_destroy => true#, :reject_if => proc {| a| a[:date].blank? }
end
在控制台中我尝试
Exam.accessible_by(ability)
并得到了[]。 我正在使用 cancan 1.6.7、rails 3.1.0 和 ruby 1.8.7。
我真的希望有人能弄清楚我做错了什么。
提前致谢!
I have a problem with my rails-App. I use cancan to hide some links from certain users.
I don´t get any errors and the role of the user is correctly recognized. But whatever I try, my link is never shown. The can?-Method always returns true.
This is my ability class:
class Ability
include CanCan::Ability
def initialize(user)
current_user ||= User.new # guest user (not logged in)
puts "Debug"
if current_user.role?(:Admin)
can :manage, Prof
else
if current_user.role?(:Proff)
can :manage, [Exam, Note, Student,Break,Appointment]
else
if current_user.role?(:Student)
can :update, Appointment
can :show, Exam
end
end
end
end
end
This is from my view: the @exam is definitly not nil. I also tried Exam and :exam, nothing works.
<% if can? :edit, @exam%>
<%= link_to 'Bearbeiten', edit_exam_path(@exam) %> |
<%= link_to 'Alle Prüfungen', exams_path %>
<% end%>
I don´t know, if this is important, but thats the head of my controller:
class ExamsController < ApplicationController
before_filter :login_required
skip_authorization_check
...
My Exam Model:
class Exam < ActiveRecord::Base
belongs_to :prof
validates_presence_of :prof_id,:title,:deadline
has_many :examdates, :dependent => :destroy
accepts_nested_attributes_for :examdates,
:allow_destroy => true#, :reject_if => proc {| a| a[:date].blank? }
end
In the console I tried
Exam.accessible_by(ability)
and got [].
I´m using cancan 1.6.7, rails 3.1.0 and ruby 1.8.7.
I really hope, someone can figure out, what I´m doing wrong.
Thanks in advance!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我不确定,但是通过添加
控制器应该一切都好。
至此,
@exam已在控制器中的每个操作中加载并获得授权。我知道您也可以传递类而不是实例,因此
Exam应该可以工作,但仍然尝试我的解决方案。另请参阅 Debugging-Abilities-Cancan
I'm not sure, but it should be all good by adding
in the controller.
By this,
@examis already loaded and authorized in every action in the controller.I know that you can also pass the class instead of an instance, so
Examshould work, but still try my solution.Also look at Debugging-Abilities-Cancan