InheritedResources/CanCan 问题
使用 InheritedResouces 时,CanCan 在控制器中的索引操作方面表现得非常奇怪。如果我有
can :read, Question do |question|
false
end
ability.rb - 它会授予对操作的访问权限,尽管块的返回值。如果我删除此行 - “您无权访问此页面。”。 控制器代码如下:
# encoding: utf-8
class QuestionsController < InheritedResources::Base
actions :all, :except => [:edit, :update]
before_filter :authenticate_user!, :except => [:show]
load_and_authorize_resource :except => [:show]
end
CanCan behaves really strange with index action in controller while using InheritedResouces. If i have
can :read, Question do |question|
false
end
in ability.rb - it grants access to the action despite on block's returning value. If i remove this line - "You are not authorized to access this page.".
Controller code below:
# encoding: utf-8
class QuestionsController < InheritedResources::Base
actions :all, :except => [:edit, :update]
before_filter :authenticate_user!, :except => [:show]
load_and_authorize_resource :except => [:show]
end
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我不太确定,但尝试一下:
: except 前一段时间有一个错误。 https://github.com/railsbp/rails_best_practices/issues/66。
尝试更新 InheritedResources gem。
I'm not really sure but try with:
There was a bug some time ago with :except. https://github.com/railsbp/rails_best_practices/issues/66.
Try updating InheritedResources gem.