在 CanCan 中跳过一个轨道操作
我有一个带有一些常规方法的用户控制器。我的ability.rb 已设置,但我需要未登录的用户不必处理这一操作。对于未登录的用户,我已在能力.rb 中尝试了以下所有操作,但没有产生任何影响。我仍然收到未经授权的错误。
can :create, User
can :update, User
can :edit, User
can :modify, User
接下来,我尝试在我的能力中创建一个条目。rb
can :do_this_action, User
并将其放入用户控制器中
authorize!(:can_do_this_action, User.new || @user)
仍然没有运气。
最后,我尝试跳过该操作。我在我的用户控制器中这样做了:
skip_authorization_check :only => [:create, :new, :custom_method ]
authorize_resource
这仍然给我的自定义方法带来未经授权的错误。有人知道我哪里出错了吗?提前致谢。
I've got a User controller with a few of the regular methods. My ability.rb is set up but I need non-logged in users to not have to deal with this one action. I've tried all of the following in my ability.rb for non-logged in users but it hasn't made a difference.. I'm still getting an unauthorized error.
can :create, User
can :update, User
can :edit, User
can :modify, User
Next I tried creating an entry in my ability.rb
can :do_this_action, User
And put this in the Users Controller
authorize!(:can_do_this_action, User.new || @user)
Still no luck..
Lastly, I tried to just skip the action. I did it with this in my Users Controller:
skip_authorization_check :only => [:create, :new, :custom_method ]
authorize_resource
That still gives my custom method an unauthorized error. Anyone have any idea where I'm going wrong? Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
尝试像
:before_filter一样使用这个助手:Try using this helper just like a
:before_filter: