【问题标题】:Facing issues in using cancancan with authlogic in rails4在 rails4 中使用带有 authlogic 的 cancancan 时面临的问题
【发布时间】:2015-06-03 11:05:35
【问题描述】:
gem 'authlogic'
gem 'cancancan', '~> 1.10'

在我的 gem 文件中。我已经在我的能力范围内给出了这个。rb

class Ability
  include CanCan::Ability

  def initialize(employee)
    employee ||= Employee.new
    alias_action :create, :read, :update, :destroy, :to => :crud
    case employee[:role]
      when 'SUPER-ADMIN'
        can :manage, :all
      when 'HR'
        can :manage, Employee
      when 'INVENTORY'
        can :manage, Inventory
        can :edit, Employee, :id => employee.id
        can :update, Employee, :id => employee.id
        can :read, Employee
      when 'EMPLOYEE'
        can :edit, Employee, :id => employee.id
        can :update, Employee, :id => employee.id
        can :read, :all
    end
  end
end

在我的应用程序控制器中,我有:

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  helper_method :current_employee_session, :current_employee
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = "You are not authorize to access this page"
    redirect_to root_url
  end
  load_and_authorize_resource
  private

  def require_employee
    unless current_employee
      redirect_to new_employee_session_url, notice: I18n.t('require_employee')
      return false
    end
  end

end

现在,如果我使用员工登录,则通过更改密码链接时,它不允许我更改密码,如果我没有登录并通过忘记密码,那么它也不允许我更改密码。我在 password_resets_controller.rb 中给出了这个

 class PasswordResetsController < ApplicationController
  before_filter :require_employee, :only => [:edit, :update]
  skip_authorize_resource 
  def new
  end

  def create        
    @employee =  Employee.where(email: employee_params['email']).first
    if @employee
      @employee.password = generate_activation_password(8)
      @employee.password_confirmation = @employee.password
      if @employee.save
        current_employee_session.destroy

        redirect_to new_employee_session_path, notice: I18n.t('password_created')
      end
    else
      flash[:error] = I18n.t('email_exists')
      redirect_to new_password_reset_path
    end

  end

  def edit
    @employee = current_employee
  end

  def update
    @employee = Employee.find(current_employee.id)
    if @employee.update(employee_params)
      current_employee_session.destroy
      redirect_to new_employee_session_path, notice: I18n.t('updated_password')
    else
      flash[:error] = I18n.t('invalid_password')
      render :action => :edit
    end
  end

  private

  def employee_params
    params.require(:employee).permit(:email,:password,:password_confirmation)
  end
end

我得到这个错误

NameError (uninitialized constant PasswordReset):
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:261:in `const_get'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:261:in `block in constantize'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:259:in `each'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:259:in `inject'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:259:in `constantize'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/core_ext/string/inflections.rb:66:in `constantize'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:151:in `resource_class'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:122:in `adapter'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:116:in `find_resource'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:68:in `load_resource_instance'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:32:in `load_resource'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:25:in `load_and_authorize_resource'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:10:in `block in add_before_filter'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:448:in `instance_exec'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:448:in `block in make_lambda'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:164:in `call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:164:in `block in halting'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `block in call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `each'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:92:in `_run_callbacks'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:776:in `_run_process_action_callbacks'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:81:in `run_callbacks'
  vendor/ruby/2.1.0/gems/actionpack-4.2.1/lib/abstract_controller/callbacks.rb:19:in `process_action'
  vendor/ruby/2.1.0/gems/actionpack-4.2.1/lib/action_controller/metal/rescue.rb:29:in `process_action'
  vendor/ruby/2.1.0/gems/actionpack-4.2.1/lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/notifications.rb:164:in `block in instrument'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/notifications.rb:164:in `instrument'

请指导我如何解决这个问题。提前致谢。

【问题讨论】:

  • 请发布您的require_employee 方法和密码重置控制器的编辑和更新操作。
  • 修改过的问题请过关
  • 我已经添加了答案,如果您遇到任何问题,请检查并回复。
  • 我已经更新了答案,请检查
  • 您的问题解决了吗?

标签: ruby-on-rails authlogic cancancan


【解决方案1】:

请尝试一下,希望对您有所帮助。

application_controller.rb

class ApplicationController < ActionController::Base

  prepend_before_filter :set_action_and_controller

  protect_from_forgery with: :exception
  helper_method :current_employee_session, :current_employee
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = "You are not authorize to access this page"
    redirect_to root_url
  end

  load_and_authorize_resource if set_action_and_controller

  def set_action_and_controller
    if params[:controller] == "password_resets"
      return false
    else
      return true
    end
  end

  helper_method :set_action_and_controller

  private

  def require_employee
    unless current_employee
      redirect_to new_employee_session_url, notice: I18n.t('require_employee')
      return false
    end
  end    
end

password_resets_controller.rb

class PasswordResetsController < ApplicationController
  before_filter :require_employee, :only => [:edit, :update]
  authorize_resource :class => false #Or skip_authorize_resource :class => false
  skip_authorize_resource
  ....
end

【讨论】:

  • NameError (uninitialized constant Ability::PasswordReset): 它给了我这个错误
  • 我认为 PasswordReset 不是一个模型,因此它不会出现在 ability.rb 中
  • @dinshawraje 我已经编辑了我的答案,请尝试运行代码。
  • 能否请您在应用程序控制器中评论一下 load_and_authorize_resource 并尝试一下?
  • 当我注释掉它时它正在工作,但我不想在每个控制器中写 load_and_authorize_resource 这就是我在应用程序控制器中编写它的原因
猜你喜欢
  • 1970-01-01
  • 2015-07-24
  • 1970-01-01
  • 1970-01-01
  • 2013-09-16
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
相关资源
最近更新 更多