Ruby on rails 在CanCan中通过多态关联定义能力

我有以下型号：

class Post < ActiveRecord::Base
   has_many :responses, as: :responseable, dependent: :destroy
end

class Call < ActiveRecord::Base
   has_many :responses, as: :responseable, dependent: :destroy
end

class Meeting < ActiveRecord::Base
   has_many :responses, as: :responseable, dependent: :destroy
end

class Response < ActiveRecord::Base
   belongs_to :responseable, polymorphic: true # Tested
end

---

你知道如何正确定义这些类型的能力吗？

你把控制器弄得一团糟，试着遵循REST（或者CRUD）

无论如何，Cancan将无法检测到您试图授权的资源。试着这样做：

class ResponsesController < ApplicationController

  before_filter :authenticate_user!
  load_and_authorize_resource

  respond_to :html, :xml, :js, :json, :pdf


  # GET /responses/polling
  # GET /responses/polling.json
  def polling
    responseable_type = params[:responseable_type]
    klass = [Post, Call, Meeting].detect { |c| responseable_type}
    @responseable = klass.find(params[:responseable_id])
    undivided_millisecond_epoch_time_in_integer = params[:after]
    undivided_millisecond_epoch_time_in_decimal = (undivided_millisecond_epoch_time_in_integer).to_d
    divided_millisecond_epoch_time_in_decimal = (undivided_millisecond_epoch_time_in_decimal / 1000000).to_d
    @responses = @responseable.responses.where("created_at > ?", Time.at(divided_millisecond_epoch_time_in_decimal))
  end
...

load_resource :post
load_resource :call
load_resource :meeting
load_and_authorize_resource :response, :through => [:post, :call, :meeting]

---

谢谢爱德华多。你是建议我将计算转移到标准指数行动中还是完全转移到其他地方？关于你的回答，我不清楚控制器中的这些行如何授权响应能力。当我运行ability_spec.rb时，它仍然显示响应可以访问，即使它们的父级包含表示它们不应该访问的属性。这是否与ability.rb文件中的条件分开

load_resource :post
load_resource :call
load_resource :meeting
load_and_authorize_resource :response, :through => [:post, :call, :meeting]