Question

在我的控制器中我有：

class UsersController < ApplicationController

  load_and_authorize_resource

  def create

    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render action: "new" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end
end

但我得到undefined method 'save' for nil:NilClass

Failures:

1) UsersController if the user passes all the authorizations POST #create should create a new User with some parameters
 Failure/Error: post :create, :user => { :email => 'puppa@puppa.pup' }
 NoMethodError:
   undefined method `save' for nil:NilClass
 # ./app/controllers/users_controller.rb:47:in `block in create'
 # ./app/controllers/users_controller.rb:46:in `create'
 # ./spec/controllers/users_controller_spec.rb:66:in `block (4 levels) in <top (required)>'

Finished in 0.10714 seconds
1 example, 1 failure

我期待load_resources填充@user = User.new(params[:user])

我在整个流程之后看着CanCan内部，我发现controller_resource.rb当我们到达#build_resource时我们有：

def build_resource
  resource = resource_base.new(resource_params || {})
  assign_attributes(resource)
end

但resource这里是nil ......这是正常的吗？我错过了什么？这与我的创建动作问题有关吗？

修改

这是我的ability.rb

class Ability
  include CanCan::Ability

  def initialize(user)
    # Define abilities for the passed in user here. For example:

    # check if the user is registered or a guest user (not logged in)
    if user.present?

      if user.any_role? :super_admin
        can :manage, :all
      end

      if user.any_role? :admin
        can :manage, [User, Institution, Project, Order]
      end

      if user.any_role? :user
        can :show, Project
        can [:add, :change], :cart
        can [:create, :show], Order, :user_id => user.id
        can :download, UrlConnector
      end

    end
  end
end

编辑2

在调用POST时我创建了：

在RSpec环境中

：

resource_base: User
resource_class: User
@params: {"user"=>{"email"=>"puppa@puppa.pup"}, "controller"=>"users", "action"=>"create"}

在浏览器中superadmin或admin，它们是相同的：

resource_base: User
resource_class: User
@params: {"utf8"=>"✓", "authenticity_token"=>"95qQ4H/+CLU96jCIO6U/YtgIQ5zWxE7pg0BedVMPSGk=", "user"=>{"email"=>"estanost@alumnes.ub.edu", "password"=>"264763", "password_confirmation"=>"264763", "ragionesociale"=>"fff", "partitaiva"=>"12345678901", "address"=>"via plutarco, 36", "city"=>"Manduria", "cap"=>"74024", "phone"=>"099979456", "role_ids"=>["3"]}, "commit"=>"Create User", "action"=>"create", "controller"=>"users"}

Answer 1

尝试将cancan作为Gemfile中的最后一个gem

Answer 2

我认为你应该去掉 if user.present? 块，在 user ||= User.new 块开始的地方添加 if。这样，您将始终拥有一个用户对象。当然，它不会通过您的任何一个cancans，所以其余的应该优雅地通过。

load_resource获取一个零资源

2 个答案: