[英]Rails_admin, cancancan for authorization, devise for authentication. Login Redirect?
當我嘗試導航到/ admin時。 如果沒有用戶登錄並且有非管理員用戶登錄,Cancancan會執行一個操作。我想重定向到登錄屏幕-如果登錄成功,請進入rails_admin儀表板。
見下文,我目前的代碼/配置,如果您需要更多信息,請告訴我:
/app/models/ability.rb
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user && user.admin?
can :access, :rails_admin # only allow admin users to access Rails Admin
can :dashboard
can :manage, :all
else
can :read, :all # allow everyone to read everything
end
end
end
/config/initializers/rails_admin.rb
RailsAdmin.config do |config|
### Popular gems integration
# == Devise ==
# config.authenticate_with do
# warden.authenticate! scope: :user
# end
# config.current_user_method(&:current_user)
# == Cancan ==
config.authorize_with :cancan
## == Pundit ==
# config.authorize_with :pundit
## == PaperTrail ==
# config.audit_with :paper_trail, 'User', 'PaperTrail::Version' # PaperTrail >= 3.0.0
### More at https://github.com/sferik/rails_admin/wiki/Base-configuration
config.actions do
dashboard # mandatory
index # mandatory
new
export
bulk_delete
show
edit
delete
show_in_app
## With an audit adapter, you can add:
# history_index
# history_show
end
config.model 'User' do
create do
field :name
field :email
field :password
field :password_confirmation
field :role
end
edit do
field :name
field :email
field :password
field :password_confirmation
field :role
end
end
end
/config/routes.rb
Rails.application.routes.draw do
mount RailsAdmin::Engine => '/admin', as: 'rails_admin'
# authenticate :admin do
# mount RailsAdmin::Engine => '/admin', as: :rails_admin
# end
root to: 'visitors#index'
devise_for :users
resources :users
devise_scope :user do
get "signup", to: "devise/registrations#new"
get "login", to: "devise/sessions#new"
get "logout", to: "devise/sessions#destroy", as: 'logout'
end
end
聽起來您似乎想從CanCan :: AccessDenied異常中解救出來。
rescue_from CanCan::AccessDenied do |exception|
redirect_to login_path, :alert => exception.message
end
將login_path
替換為登錄名的實際路徑名。 您可以通過查找rake routes
並找到指向devise/sessions#new
的條目來找到它rake routes
您還可以使邏輯更加健壯,並且僅在他們嘗試訪問管理區域中的頁面時才進行重定向。
我有類似的情況,並且我無法將任何管理員重定向到根路徑。 我正在使用Rails 5
和Ruby 2.3
這是我的設置:
管理欄
# config/initialize/rails_admin.rb
config.authorize_with do
unless current_user.try(:admin?)
flash[:error] = "You are not authorize to access this page!"
redirect_to main_app.root_path
end
end
可以可以
# models/ability.rb
def initialize(user)
user ||= User.new # guest user (not logged in)
can :manage, :all if user.role == "user"
end
用戶嘗試訪問/admin
它會重定向到根路徑,並出現Flash錯誤。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.