Ruby on rails Rails可以解决无模型控制器的能力问题
我有一个简单的控制器方法:Ruby on rails Rails可以解决无模型控制器的能力问题,ruby-on-rails,cancan,cancancan,Ruby On Rails,Cancan,Cancancan,我有一个简单的控制器方法:WelcomeController#dashboard,该方法旨在在用户登录后作为登录页(该用户具有此测试的“管理员”角色) 我从简单开始,所以这个控制器还没有太多内容controllers/welcome\u controller.rb: class WelcomeController < ApplicationController skip_authorize_resource only: :index authorize_resource class
WelcomeController#dashboard
,该方法旨在在用户登录后作为登录页(该用户具有此测试的“管理员”角色)
我从简单开始,所以这个控制器还没有太多内容controllers/welcome\u controller.rb:
class WelcomeController < ApplicationController
skip_authorize_resource only: :index
authorize_resource class: false, only: [:dashboard]
skip_before_action :authenticate_user!, only: [:index]
layout 'external', only: [:index]
def index; end
def dashboard; end
end
然而,我的Rspec测试失败了,我不知道为什么。spec/controllers/welcome\u controller\u spec.rb中的代码是:
require 'rails_helper'
require 'cancan/matchers'
RSpec.describe WelcomeController, type: :controller do
describe 'GET #index' do
it 'returns http success' do
get :index
expect(response).to have_http_status(:success)
end
end
describe 'GET #dashboard' do
it 'manager routes to dashboard after login' do
company = Company.create!(name: 'ACME', domain: 'acme.com')
user = User.create!(email: 'test@test.com', password: 'password', password_confirmation: 'password', company_id: company.id, role: 1)
sign_in user
get :dashboard
expect(response).to have_http_status(:success)
end
it 'user does not route to dashboard after login' do
user = create(:user)
sign_in user
expect { get :dashboard }.to raise_error(CanCan::AccessDenied)
end
end
end
导致此错误的原因:
Failures:
1) WelcomeController GET #dashboard manager routes to dashboard after login
Failure/Error: get :dashboard
CanCan::AccessDenied:
You are not authorized to access this page.
# ./spec/controllers/welcome_controller_spec.rb:17:in `block (3 levels) in <top (required)>'
故障:
1) WelcomeController GET#仪表板管理器在登录后路由到仪表板
失败/错误:获取:仪表板
CanCan::拒绝访问:
您无权访问此页面。
#./spec/controllers/welcome\u controller\u spec.rb:17:in'block(3层)in'
我发现有趣的是,只有“登录后manager路由到dashboard”测试失败,因为用户的第三个测试没有问题通过,即使我使用相同的:dashboard
调用
如有任何帮助/建议,我将不胜感激
谢谢 据我所知,没有别名为的操作\u action name:access,参考 (如果不正确,请更正),但您可以使用alias_action创建自定义操作 你的能力.rb
class Ability
include CanCan::Ability
def initialize(user)
# here you create alias_action
alias_action :create, :read, :update, :destroy, to: :access
user ||= User.new # guest user (not logged in)
if user.admin?
can :manage, :all
can :access, :rails_admin
elsif user.manager?
can :read, Lesson
can :access, :dashboard
can :modify, Company
elsif user.user?
can :read, Lesson
else
can :read, :root
end
end
end
class Ability
include CanCan::Ability
def initialize(user)
# here you create alias_action
alias_action :create, :read, :update, :destroy, to: :access
user ||= User.new # guest user (not logged in)
if user.admin?
can :manage, :all
can :access, :rails_admin
elsif user.manager?
can :read, Lesson
can :access, :dashboard
can :modify, Company
elsif user.user?
can :read, Lesson
else
can :read, :root
end
end
end