我针对此问题尝试了不同的解决方案,但没有一个有效,因此请不要尝试将问题视为重复问题来关闭。
我的用户表中有角色列。因此,用户可以通过 admin
或 user
进行操作,我需要使用 CanCan
在用户角色的基础上添加权限。我想将所有权限授予管理员。我以管理员身份登录,但是当我访问 /users
时,我收到错误 uninitializedconstantability
并且当我删除 load_and_authorize_resource
时,我的 cancan 权限没有不工作。我的能力等级看起来像
class Ability
include CanCan::Ability
def initialize(user)
#abort("Message goes here")
user ||= User.new # guest user
#abort('some user')
if user.role == 'admin'
can :manage, :all
elsif user.role == 'user'
can :manage, Micropost do |micropost|
micropost.try(:owner) == user
end
can :update, User do |users|
users.try(:owner) == user
end
else
can :read, :all
end
end
end
在我的UsersController
中我有
class UsersController < ApplicationController
load_and_authorize_resource
#devise code
before_filter :authenticate_user!, only: [:index, :edit, :update, :destroy, :following, :followers]
blah blah
end
我的路线文件看起来像
FirstApp::Application.routes.draw do
devise_for :users
resources :users do
member do
get :following, :followers
end
end
#resources :sessions, only: [:new, :create, :destroy]
resources :microposts, only: [:create, :destroy]
resources :relationships, only: [:create, :destroy]
root to: "static_pages#home"
match '/help', to: 'static_pages#help'
match '/about', to: 'static_pages#about'
match '/contact', to: 'static_pages#contact'
end
最佳答案
您看到未初始化的常量Ability
,因为UsersController
中的load_and_authorize_resource
方法期望找到一个Ability类。
解决方案是将包含能力定义的文件移动到 app/models/ability.rb
。
#app/models/ability.rb
class Ability
include CanCan::Ability
def initialize(user)
#abort("Message goes here")
user ||= User.new # guest user
#abort('some user')
if user.role == 'admin'
can :manage, :all
elsif user.role == 'user'
can :manage, Micropost do |micropost|
micropost.try(:owner) == user
end
can :update, User do |users|
users.try(:owner) == user
end
else
can :read, :all
end
end
end
关于ruby-on-rails - 未初始化的常量能力轨,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27504292/