我目前在我的應用程序上使用聲明式授權,並嘗試從類型Authorization :: NotAuthorized中捕獲異常。聲明式授權 - 抓住「授權::未授權」例外
我有一個實體,有一個類別。取決於用戶在創建此實體時可以創建新類別的角色。在我的:before_validation回調函數中,我指定了類別,並希望能夠捕獲授權異常以防萬一他沒有權限。
我可以檢查它的作用,並創建一個條件指令,但然後將不得不寫所有的角色。
異常被拋出,但我無法在「新」指令中捕捉到它。
代碼如下:
# Model
before_validation :set_category
def category_name
@category_name ||= category.name unless category.nil?
@category_name
end
def category_name=(name)
name.strip!
name.downcase!
@category_name = name
end
def set_category
if @category_name and not company.blank?
lookup_category = company.categories.not_deleted.find_by_name(@category_name)
begin
category = lookup_category.blank? ? company.categories.new(:name => @category_name) : lookup_category
rescue Authorization::NotAuthorized
errors.add(:category, I18n.t('activerecord.errors.messages.exclusion'))
end
end
end
# Controller
def create
@ticket = current_user.created_tickets.new(params[:ticket])
if @ticket.save # Line 88
...
異常堆棧跟蹤:
Authorization::NotAuthorized (No matching rules found for create for #<User id: 36,..."> (roles [:Requester], privileges [:create], context :categories).):
/Library/Ruby/Gems/1.8/gems/declarative_authorization-0.4.1/lib/declarative_authorization/authorization.rb:168:in `permit!'
/Library/Ruby/Gems/1.8/gems/declarative_authorization-0.4.1/lib/declarative_authorization/in_model.rb:131:in `using_access_control'
/Library/Ruby/Gems/1.8/gems/after_commit-1.0.7/lib/after_commit/connection_adapters.rb:12:in `transaction'
/Library/Ruby/Gems/1.8/gems/after_commit-1.0.7/lib/after_commit/connection_adapters.rb:12:in `transaction'
app/controllers/tickets_controller.rb:88:in `create'
調試器去塊內:
# Debugger
lookup_category = company.categories.not_deleted.find_by_name(@category_name)
(rdb:3) list
[275, 284] in /Users/Pedro/projects/trunk/app/models/ticket.rb
275
276 def set_category
277 if @category_name and not self.company.blank?
278 begin
279 debugger
=> 280 lookup_category = company.categories.not_deleted.find_by_name(@category_name)
281 self.category = lookup_category.blank? ? company.categories.new(:name => @category_name) : lookup_category
282 rescue Authorization::NotAuthorized
283 self.errors.add(:category, I18n.t('activerecord.errors.messages.exclusion'))
284 end
(rdb:3) n
/Users/Pedro/projects/trunk/app/models/ticket.rb:281
self.category = lookup_category.blank? ? company.categories.new(:name => @category_name) : lookup_category
(rdb:3) list
[276, 285] in /Users/Pedro/projects/trunk/app/models/ticket.rb
276 def set_category
277 if @category_name and not self.company.blank?
278 begin
279 debugger
280 lookup_category = company.categories.not_deleted.find_by_name(@category_name)
=> 281 self.category = lookup_category.blank? ? company.categories.new(:name => @category_name) : lookup_category
282 rescue Authorization::NotAuthorized
283 self.errors.add(:category, I18n.t('activerecord.errors.messages.exclusion'))
284 end
285 end
(rdb:3) n
/Users/Pedro/.gem/ruby/1.8/gems/activesupport-2.3.8/lib/active_support/callbacks.rb:94
break result if terminator.call(result, object)
(rdb:3) list
[89, 98] in /Users/Pedro/.gem/ruby/1.8/gems/activesupport-2.3.8/lib/active_support/callbacks.rb
89 unless block_given?
90 send(enumerator) { |callback| callback.call(object) }
91 else
92 send(enumerator) do |callback|
93 result = callback.call(object)
=> 94 break result if terminator.call(result, object)
95 end
96 end
97 end
98
(rdb:3)
該控制器的線是LIGNE 88? – shingara 2010-09-28 10:00:15
我們可以看到你的控制器嗎? – shingara 2010-09-28 10:00:46
從控制器添加代碼 – 2010-09-28 10:13:50