无法在rails中使用active_admin配置cancancan
[英]Unable to configure cancancan with active_admin in rails
问题描述
I am trying to make a blog website. 
我正在尝试建立一个博客网站。 I am using active_admin and cancancan gem. 我正在使用active_admin和cancancan gem。 Two controllers I have made are Post , Category . 我制作的两个控制器是Post , Category 。
posts_controller.rb posts_controller.rb
class PostsController < InheritedResources::Base
load_and_authorize_resource
private
def post_params
params.require(:post).permit(:title, :body, :user_id, :published_at)
end
end
categories_controller.rb categories_controller.rb
class CategoriesController < InheritedResources::Base
load_and_authorize_resource
private
def category_params
params.require(:category).permit(:category)
end
end
user.rb user.rb
class User < ApplicationRecord
has_many :posts
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable,
:recoverable, :rememberable, :validatable
def admin?
role == "admin"
end
def regular?
role == "regular"
end
def guest?
role == "guest"
end
end
ability.rb ability.rb
class Ability
include CanCan::Ability
def initialize(user)
# Define abilities for the passed in user here. For example:
#
#user = User.new()
if user.admin?
can :manage, :all
else
can :read, :all
end
end
end
schema.rb schema.rb
ActiveRecord::Schema.define(version: 2019_02_18_221247) do
create_table "active_admin_comments", force: :cascade do |t|
t.string "namespace"
t.text "body"
t.string "resource_type"
t.integer "resource_id"
t.string "author_type"
t.integer "author_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index ["author_type", "author_id"], name: "index_active_admin_comments_on_author_type_and_author_id"
t.index ["namespace"], name: "index_active_admin_comments_on_namespace"
t.index ["resource_type", "resource_id"], name: "index_active_admin_comments_on_resource_type_and_resource_id"
end
create_table "categories", force: :cascade do |t|
t.string "category"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
end
create_table "posts", force: :cascade do |t|
t.string "title"
t.text "body"
t.integer "user_id"
t.date "published_at"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.integer "category_id"
end
create_table "users", force: :cascade do |t|
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "role", default: "guest"
t.index ["email"], name: "index_users_on_email", unique: true
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
end
end
I am trying to define authorization based on role , role column is there in users table and by default new user is the guest user. 我正在尝试根据role定义授权,users表中有role列,默认情况下,新用户是guest用户。
My goal is to allow a guest user to only read Posts. 我的目标是允许访客用户仅阅读帖子。
Problem : I am getting access denied for both admin and guest user though I have clearly defined what different types of user can do in ability.rb . 问题 :尽管我已经在能力.rb中明确定义了不同类型的用户可以执行的操作,但管理员和来宾用户都拒绝访问。
If you need more info about the code you can check it on github . 如果您需要有关代码的更多信息,可以在github上进行检查。
1 个解决方案
解决方案1
2 已采纳 2019-02-21 15:08:51
cancancan does not support InheritedResources anymore. cancancan不再支持InheritedResources。 see here: https://github.com/CanCanCommunity/cancancan/wiki/Inherited-Resources 看到这里: https : //github.com/CanCanCommunity/cancancan/wiki/Inherited-Resources
You need to use an adapter. 您需要使用适配器。 CanCanCan supports only ActiveRecord and ActionController by default. CanCanCan默认情况下仅支持ActiveRecord和ActionController。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.