I have a problem with my abilities using rails_admin + cancan 2. Following the official documentation at https://github.com/sferik/rails_admin/wiki/CanCan, I configured my ability.rb file:

    class Ability
      include CanCan::Ability

      def initialize(user)
        can :read, :all
        if user
          if user.has_role? :admin
            can :access, :all
          end
          if user.has_role? :manager
            can :access, :rails_admin # grant access to rails_admin
            can :dashboard            # grant access to the dashboard
          end
        end
      end
    end

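The problem is that with cancan version 1.6 it works fine, but with cancan 2 the "admin" is not authorized to access the dashboard, although he is authorized to access rails admin. So:

    can :access, :rails_admin # works
    can :dashboard            # doesn't work

If I go to localhost:3000/admin, the error is the classic

    CanCan::Unauthorized in RailsAdmin::MainController#dashboard

but if I go to localhost:3000/admin/models it works, so

    can :dashboard # doesn't work

doesn't work.

Can you help me?

Answer 0 (score: 4)

    can :dashboard, :all

should work.

Once the dashboard is displayed, you need another patch to work with CanCan 2.0: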

    # patch for CanCan 2.0
    module RailsAdmin
      module Extensions
        module CanCan
          class AuthorizationAdapter
            def authorize(action, abstract_model = nil, model_object = nil)
              @controller.current_ability.authorize!(action, model_object || abstract_model && model_name(abstract_model.model)) if action
            end

            def authorized?(action, abstract_model = nil, model_object = nil)
              @controller.current_ability.can?(action, model_object || abstract_model && model_name(abstract_model.model)) if action
            end

            private

            def model_name(model)
              model.to_s.underscore.pluralize.to_sym
            end
          end
        end
      end
    end

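Answer 1 (score: 0)

I have never seen anything like

    can :dashboard

The normal structure of the can directive is "can :action, :object" (or class).

So, from what I understand of your question, I think you should change it to

    can :manage, :dashboard

if you want to assign "all rights".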