1
以下是代码。CanCan + Devise:管理员用户无法获得权限,即使他应该
class WebsitesController < ApplicationController
load_and_authorize_resource
...
end
class ApplicationController < ActionController::Base
...
check_authorization :unless => :do_not_check_authorization?
private
def do_not_check_authorization?
respond_to?(:devise_controller?)
end
end
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new
if user.role? == "admin"
can :manage, :all
elsif user.role? == "developer"
can :manage, :websites
can :manage, :pages
can :manage, :templates
elsif user.role? == "editor"
can :manage, :pages
end
end
end
从它的外观,具有管理员角色的用户应该能够因为can :manage, :all
网站负责人做任何事情。
但是,当我打的网站/指数,我得到
CanCan::AccessDenied in WebsitesController#index
You are not authorized to access this page.
这究竟是为什么?
嗨!你是否在用“rolify”来管理用户的角色? – jvnill 2013-03-28 00:50:16
@jvnill,我解决了我的问题。它在下面的答案中看到了我的愚蠢错误。 – 2013-03-28 00:51:25