[英]Rails3 - CanCan - uninitialized constant Ability::Page
I have just added cancan 1.5.0 to my rails 3 app here is my ability file - 我刚刚将cancan 1.5.0添加到我的rails 3应用程序这里是我的能力文件 -
def initialize(user)
user ||= User.new
if user.role == 'Admin'
can :manage, :all
end
if user.role == 'Standard'
can :manage, Library
can :manage, Page
else
can :manage, Page
can :manage, Library
end
I have a custom class (non-restful functions) 我有一个自定义类(非restful函数)
class PagesController < ApplicationController
authorize_resource :class => false
def home
end
end
As you can see I am using the correct function for a not restful class but I am still getting this error - 正如你所看到的,我正在使用正确的函数来安排一个不太安宁的类,但我仍然遇到这个错误 -
uninitialized constant Ability::Page
Here is the beginning of the stacktrace - 这是堆栈跟踪的开始 -
app/models/ability.rb:16:in `initialize'
cancan (1.5.0) lib/cancan/controller_additions.rb:327:in `new'
cancan (1.5.0) lib/cancan/controller_additions.rb:327:in `current_ability'
cancan (1.5.0) lib/cancan/controller_additions.rb:308:in `authorize!'
cancan (1.5.0) lib/cancan/controller_resource.rb:40:in `authorize_resource'
cancan (1.5.0) lib/cancan/controller_resource.rb:9:in `block in add_before_filter'
activesupport (3.0.3) lib/active_support/callbacks.rb:436:in ` _run__1386450187816505438__process_action__15559788756486462__callbacks'
activesupport (3.0.3) lib/active_support/callbacks.rb:409:in `_run_process_action_callbacks'
activesupport (3.0.3) lib/active_support/callbacks.rb:93:in `run_callbacks'
Thanks, Alex 谢谢,亚历克斯
The CanCan documentation describes the can
method as: CanCan文档将
can
方法描述为:
The
can
method is used to define permissions and requires two arguments.can
方法用于定义权限并需要两个参数。 The first one is the action you're setting the permission for, the second one is the class of object you're setting it on.第一个是您正在设置权限的操作,第二个是您正在设置它的对象类。
So, the problem is that you don't have a Page
class in your system for CanCan to manage access to. 因此,问题是您的系统中没有用于CanCan管理访问权限的
Page
类。
Note that CanCan is built as: (emphasis added by me) 请注意,CanCan的构建如下:(重点由我添加)
an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access.
授权库,Ruby on Rails的制约哪些资源给定用户被允许访问。
So if you are aiming to control abstract concepts which don't have rails resources attached to them then you'll probably have a tough time with CanCan 因此,如果您的目标是控制没有附加rails资源的抽象概念,那么CanCan可能会遇到困难
Just a note to anyone finding this now on... 只是给现在发现这个的人的一个注释......
You can authorise any non-restful controller, abstract classes and methods.. 您可以授权任何非宁静的控制器,抽象类和方法。
Example: 例:
/app/models/role_ability.rb /app/models/role_ability.rb
class RoleAbility
def initialize(user)
user ||= User.new
if user.role == 'Admin'
can :manage, Post # some existing resource_authorisation
can :do_this, :on_this # authorizing a non resource
end
end
end
:do_this and :on_this are completly arbitrary but they must match the authorize! :do_this和:on_this完全是任意的,但它们必须匹配授权! params in the controller like so...
控制器中的参数如此......
class Controller < ApplicationController
def some_abstract_method
### Awesome method code goes here
authorize! :do_this, :on_this
end
end
Just remember that chances are you probably already have some resource authorization happening from within the ApplicationController maybe like this 请记住,您可能已经在ApplicationController中发生了一些资源授权,可能就是这样
class ApplicationController
authorize_resource || authorize! :admin, Object || load_and_authorize_resource etc
end
so remember to skip_authorize_resource in your non-restful/abstract controller 所以请记住在非宁静/抽象控制器中使用skip_authorize_resource
class AbstractController < ApplicationController
skip_authorize_resource
def some_abstract_method
authorize! :do_this, :on_this
end
end
Now an admin can :do_this, :on_this and will authorize nicely. 现在管理员可以:do_this,:on_this并且将很好地授权。 You would probably want to name the ability a bit more semantically, just wanted to emphasize the arbitrary-ness.
你可能想要在语义上更具名称,只是想强调任意性。
This is all using Cancan 1.5, haven't tried on anything earlier. 这都是使用Cancan 1.5,之前没有尝试过。
From https://github.com/ryanb/cancan/wiki/Non-RESTful-Controllers 来自https://github.com/ryanb/cancan/wiki/Non-RESTful-Controllers
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.