[英]Ruby on Rails: Devise + Cancan - How can I edit other users?
I just set up Devise with Cancan for user roles. 我只是用Cancan为用户角色设置了Devise。 I think I'm on the right track, but I just ran into a situation where I think I'm missing something small.
我认为自己走在正确的轨道上,但是我遇到了一种我认为缺少小事情的情况。
I want any user with role :admin to be able to edit the profiles/roles of every other user. 我希望任何具有角色:admin的用户都能够编辑每个其他用户的配置文件/角色。 I have the routes set up right, but when I click on the links for other users, I get redirected.
我已经正确设置了路由,但是当我单击其他用户的链接时,就会被重定向。
_user.html.erb _user.html.erb
<% @users.each do |user| %>
<li>
<%= gravatar_for user, size: 52 %>
<%= link_to user.name, user %>
<% if can? :assign_roles, @user %>
| <%= link_to "delete", user, method: :delete, confirm: "Delete user?" %>
| <%= link_to "edit", edit_user_path(user) %>
<% end %>
</li>
<% end %>
users_controller.rb ... def edit @user = User.find(params[:id]) end users_controller.rb ... def edit @user = User.find(params [:id])结束
def update
authorize! :assign_roles, @user if params[:user][:assign_roles]
if @user.update_attributes(params[:user])
flash[:success] = "Profile updated"
sign_in @user
redirect_to @user
else
render 'edit'
end
end
ability.rb ability.rb
def initialize(user)
can :assign_roles, User if user.admin?
can :manage, :all if user.is? :admin
end
I've been changing this code around all day, I might even be going in circles. 我整天都在更改此代码,甚至可能会盘旋。
Any help would be greatly appreciated. 任何帮助将不胜感激。
I figured it out. 我想到了。 Even though I was able to limit the html/css with the logic shown about, I was not able to limit model/controller interaction.
即使我能够使用所示的逻辑来限制html / css,我也无法限制模型/控制器的交互。 I have multiple controllers, and the one I was dealing with had no authentication check.
我有多个控制器,而我正在处理的控制器没有身份验证检查。 So in other words, I added
换句话说,我加了
before_filter :authenticate_user!
to my users_controller.rb file, and now it knows that I'm an admin, and what that means. 到我的users_controller.rb文件,现在它知道我是管理员,这意味着什么。 I just added this on a whim, but everything I've learned about Devise/Cancan so far is from the wiki:
我只是一时兴起地添加了它,但是到目前为止,我对Devise / Cancan所学的一切都来自Wiki:
https://github.com/ryanb/cancan/#wiki-readme https://github.com/ryanb/cancan/#wiki-readme
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.