Ruby on rails Rails 4应用程序中authorize@user的Pundit错误[UsersController中的Pundit::NotAuthorizedError#destroy]
我在尝试删除Rails 4应用程序中的用户时遇到以下错误。Ruby on rails Rails 4应用程序中authorize@user的Pundit错误[UsersController中的Pundit::NotAuthorizedError#destroy],ruby-on-rails,ruby-on-rails-3,ruby-on-rails-4,pundit,Ruby On Rails,Ruby On Rails 3,Ruby On Rails 4,Pundit,我在尝试删除Rails 4应用程序中的用户时遇到以下错误。 Pundit::NotAuthorizedError in UsersController#destroy not allowed to destroy? this #<User:0x005595f691bd10> Extracted source (around line #30): @user = User.find(params[:id]) # debugger
Pundit::NotAuthorizedError in UsersController#destroy
not allowed to destroy? this #<User:0x005595f691bd10>
Extracted source (around line #30):
@user = User.find(params[:id])
# debugger
authorize current_user
@user.destroy
redirect_to users_path, :notice => "User deleted."
end
Pundit::UsersController中的NotAuthorizedError#destroy
不允许破坏?这个#
提取的源(第30行附近):
@user=user.find(参数[:id])
#调试器
授权当前用户
@用户破坏
将\重定向到用户\路径:notice=>“用户已删除。”
终止
我对用户控制器发出以下吼叫:
class UsersController < ApplicationController
before_filter :authenticate_user!
before_action :set_menu
def index
@users = User.all.page(params[:page]).per(8)
authorize @users
end
def show
@user = User.find(params[:id])
authorize @user
end
def update
@user = User.find(params[:id])
#authorize @user
if @user.update_attributes(secure_params)
redirect_to users_path, :notice => "User updated."
else
redirect_to users_path, :alert => "Unable to update user."
end
end
def destroy
@user = User.find(params[:id])
authorize @user
@user.destroy
redirect_to users_path, :notice => "User deleted."
end
private
def secure_params
params.require(:user).permit(:role)
end
def set_menu
store_menu("User")
end
end
class UsersController“用户已更新。”
其他的
将\重定向到用户\路径:警报=>“无法更新用户。”
终止
终止
def销毁
@user=user.find(参数[:id])
授权@user
@用户破坏
将\重定向到用户\路径:notice=>“用户已删除。”
终止
私有的
def安全参数
参数require(:用户).permit(:角色)
终止
def set_菜单
存储菜单(“用户”)
终止
终止
下面是我的用户型号代码
class User < ActiveRecord::Base
enum role: [:admin,:user]
after_initialize :set_default_role, :if => :new_record?
def set_default_role
self.role ||= :user
end
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
has_one :customer
# has_one :customer, dependent: :destroy
end
class UserPolicy < ApplicationPolicy
attr_reader :user, :model
def initialize(user, model)
@user = user
@model = model
end
def index?
@user.admin?
end
class Scope < Scope
def resolve
scope
end
end
end
class用户:新建记录?
def set_默认_角色
self.role | |=:用户
终止
#包括默认设计模块。其他可供选择的项目包括:
#:可确认、:可锁定、:超时和:全授权
设计:数据库可验证,可注册,
:可恢复,:可记忆,:可跟踪,:可验证
有一个:顾客
#有一个:客户,依赖::销毁
终止
下面是我的用户策略文件
class User < ActiveRecord::Base
enum role: [:admin,:user]
after_initialize :set_default_role, :if => :new_record?
def set_default_role
self.role ||= :user
end
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
has_one :customer
# has_one :customer, dependent: :destroy
end
class UserPolicy < ApplicationPolicy
attr_reader :user, :model
def initialize(user, model)
@user = user
@model = model
end
def index?
@user.admin?
end
class Scope < Scope
def resolve
scope
end
end
end
class UserPolicy
如何解决特定用户的删除或销毁操作错误?您应该在
用户策略.rb
中添加删除方法,如下所示
def destroy?
current_user = @user
end
要使销毁工作正常。您应该在
user\u policy.rb
中添加删除方法,如下所示
def destroy?
current_user = @user
end
请用
app/policies/user\u policy.rb更新您的问题。请用app/policies/user\u policy.rb更新您的问题。谢谢Pavan,抱歉耽搁了,解决方案对我有效,我的代码做了一些小改动:)谢谢Pavan,抱歉耽搁了,该解决方案对我有效,只需对代码做一些小的更改:)