stackoom
  简体   繁体   中英

Cancancan ability for guest user

 原文  2019-12-24 16:23:25       ruby-on-rails/ cancancan

Question

Site is having model Post which just display a Post, nothing fancy If in Ability i add When no user is logged it they should be able to read all the post So in Ability.rb

def initialize(user)    
        can :manage, Post
end

This works but of course it should be

def initialize(user)    
        can :read, Post
end

Which doesn't work (403)

Based on what I've read :read should alias for index show actions I can't find a way to debug why it fails. All help appreciated

1 answers

solution1
 1  2019-12-24 16:40:36

I suppose you are automatically authorizing all actions in a RESTful style resource controller with load_and_authorize_resource method. If the index action does not require user to login then you should skip this method specifically for index . Try

load_and_authorize_resource :except => [:index]

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Nil user in CanCanCan ability.rb CanCanCan ability to create Invite resource if User can manage Group How to write CanCanCan Ability for user to read only their data? Testing CanCanCan ability definition CanCanCan Ability Viewing in the UI Cancancan gem defining ability Cancancan ability for specific case ActiveAdmin Sortable and Cancancan Ability Defining a complex ability using CanCanCan Rails Cancancan define ability on 3 association
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM