Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/ruby-on-rails/56.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ruby on rails 动态权限不适用于cancan中的单个模型_Ruby On Rails_Permissions_Authorization_Cancan - Fatal编程技术网
Fatal编程技术网
  • ruby-on-rails/
  • Ruby on rails 动态权限不适用于cancan中的单个模型

Ruby on rails 动态权限不适用于cancan中的单个模型

ruby-on-rails permissions

Ruby on rails 动态权限不适用于cancan中的单个模型,ruby-on-rails,permissions,authorization,cancan,Ruby On Rails,Permissions,Authorization,Cancan,我使用CancanGem为管理员端的动态权限编写了代码 当我授予所有和读取/创建权限时。它将起作用,但当我授予modle_name和read/create权限时。它将显示访问被拒绝。当存在该权限时 class ApplicationController < ActionController::Base protect_from_forgery rescue_from CanCan::AccessDenied do |exception| logger.info("<

我使用CancanGem为管理员端的动态权限编写了代码

当我授予所有和读取/创建权限时。它将起作用,但当我授予modle_name和read/create权限时。它将显示访问被拒绝。当存在该权限时

class ApplicationController < ActionController::Base
  protect_from_forgery

  rescue_from CanCan::AccessDenied do |exception|
    logger.info("<.............#{exception.inspect}...........>")
    flash[:alert] = "Access denied. You are not authorized to access the requested page."
    redirect_to user_root_path
  end

  protected
  #derive the model name from the controller. egs UsersController will return User
  def self.permission
    return name = self.name.gsub('Controller','').singularize.split('::').last.constantize.name rescue nil
  end

  def current_ability
    @current_ability ||= Ability.new(current_user)
  end

  #load the permissions for the current user so that UI can be manipulated
  def load_permissions
    @current_permissions = current_user.roles.each do|role|
    end
  end
end


class Ability
  include CanCan::Ability

  def initialize(user)
    user.roles.each do|role|
      role.permissions.each do |permission|
        if permission.subject_class == "all"
          can permission.action.to_sym, permission.subject_class.to_sym
        else
          can permission.action.to_sym, permission.subject_class.constantize
        end
      end
    end
  end
end
is将以控制台形式向我显示错误

<....CanCan......:public_doc...........>
<....CanCan......:new...........>
<....CanCan......#<CanCan::AccessDenied: You are not authorized to access this page.>...........>
我做了一些这样的代码

请帮我解决这个问题。
谢谢。

我将我的能力课程编辑为:

class Ability
  include CanCan::Ability

  def initialize(user)
    user.roles.each do|role|
      role.permissions.each do |permission|
        if permission.subject_class == "all"
          can permission.action.to_sym, permission.subject_class.to_sym
        else
          can permission.action.to_sym, permission.subject_class.to_sym
        end
      end
    end
  end
end
并在权限中传递值,如下所示

permission.subject_class = public_doc
permission.action = create
这是为我工作。 :)

permission.subject_class = public_doc
permission.action = create