[英]Using CanCanCan for Roles and Multiple Devise Models?
我需要使用CanCanCan來限制所有用戶只能查看自己的數據或允許他人查看有限數據的能力。
我已經嘗試了以下方法,但是不起作用:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
affiliate ||= Affiliate.new # guest user (not logged in)
# guest ||= U
#Admin
if user.admin?
can :manage, :all
elsif user.seller?
can :manage, Listing, user_id: user.id
can :read, Listing
can :manage, Order, buyer_id: user.id
can :manage, Order, seller_id: user.id
can :manage, StripeAccount, user_id: user.id
can :manage, BankAccount, user_id: user.id
can :manage, User, user_id: user.id
elsif affiliate
can :manage, User, affiliate_id: affiliate.id
can :read, Order
can :manage, StripeAccount, affiliate_id: affiliate.id
can :manage, Affiliate, affiliate_id: affiliate.id
#Buyer
elsif user.buyer?
can :read, Listing
can [:create, :read, :edit, :purchases, :update], Order, buyer_id: user.id
#Guest
else
can :read, Listing
can [:create, :order_confirmation], Order
# can :create, User
end
end
end
當我以會員身份登錄時,它不會讓我查看與affiliate.id相關聯的StripeAccount,並且該鏈接位於模型中。
我有兩個模型,User和Affiliate。
用戶的角色為枚舉1,2,3。 (管理員為3)會員的角色為枚舉1,2
我需要為每個設計模型和每個設計模型中的每個角色設置限制。
這似乎已經解決了,仍在測試:
private
def current_ability
@current_ability ||= Ability.new(current_user, current_affiliate)
end
然后用:
def initialize(user, affiliate)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.