我與別人的代碼工作加上我沒有經驗,使用Rails和我在與慘慘&設計的問題。慘慘錯誤地拒絕管理員訪問
當試圖登錄(使用我知道在那裏,因爲他們之前曾憑據,我檢查數據庫,併成功地運用了復位功能),我得到一個錯誤的屏幕說明。
CanCan::AccessDenied in AdminController#index
You are not authorized to access this page.
app/controllers/admin_controller.rb:4:in `index'
config/initializers/quiet_assets.rb:6:in `call_with_quiet_assets'
,並在終端
Started POST "https://stackoverflow.com/users/sign_in" for 127.0.0.1 at 2012-11-14 13:13:01 +0000
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"T8CJkCIEA3r7ROiknVp/vbEgeKCBZEjl3uYd+46G7no=", "user"=>{"email"=>"[email protected]", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
WARNING: Can't verify CSRF token authenticity
User Load (0.3ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = '[email protected]' LIMIT 1
(0.2ms) BEGIN
(0.3ms) UPDATE `users` SET `last_sign_in_at` = '2012-11-14 11:10:56', `current_sign_in_at` = '2012-11-14 13:13:01', `sign_in_count` = 219, `updated_at` = '2012-11-14 13:13:01' WHERE `users`.`id` = 1
(0.1ms) COMMIT
Redirected to http://core.lvh.me:3000/admin
Completed 302 Found in 355ms
Started GET "/admin" for 127.0.0.1 at 2012-11-14 13:13:02 +0000
Processing by AdminController#index as HTML
Completed 500 Internal Server Error in 265ms
CanCan::AccessDenied (You are not authorized to access this page.):
app/controllers/admin_controller.rb:4:in `index'
config/initializers/quiet_assets.rb:6:in `call_with_quiet_assets'
admin_controller.rb
class AdminController < ApplicationController
def index
authorize! :index, :admin (#line 4)
end
ability.rb
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
case user.role_name
when "super_admin"
# can do everything
can :manage, :all
when "franchise_admin"
can [:read, :search, :all, :up_down_index], Article
can [:old_feed, :sites, :new_feed], MobileFeed
can [:new, :read, :update], SiteSpecificArticle, site_id: user.site_id
can [:index, :new_site_essentials], :admin
when "franchise_editor"
can [:new, :read, :update], SiteSpecificArticle { |ssa| ssa.site.customer.sites.include?(user.site) }
can [:old_feed, :sites, :new_feed], MobileFeed
can [:read, :search, :all, :up_down_index], Article
when "site_admin"
# can CRUD users for their site
can :manage, User, site_id: user.site_id
# can edit content for their site
can [:read, :update], ArticleSitePermission, site_id: user.site_id
can [:read, :update], CoreArticleSiteVisibility, site_id: user.site_id
can [:new, :read, :update], SiteSpecificArticle, site_id: user.site_id
can [:new, :read, :update], FrontPageCampaign, site_id: user.site_id
can [:new, :read, :update], FrontPageTimeBasedArticle, site_id: user.site_id
can [:new, :read, :update], FrontpageArticle, site_id: user.site_id
can [:index, :new_site_essentials], :admin
can [:read, :search, :all, :up_down_index, :hidden_in_this_site], Article
can [:old_feed, :sites, :new_feed], MobileFeed
can [:index, :create], TrackMood
can :site_styles, Site
when "editor"
# can edit content for their site
can [:read, :update], ArticleSitePermission, site_id: user.site_id
can [:read, :update], CoreArticleSiteVisibility, site_id: user.site_id
can [:new, :read, :update], SiteSpecificArticle, site_id: user.site_id
can :manage, FrontPageCampaign, site_id: user.site_id
can :manage, User, site_id: user.site_id
can [:new, :read, :update], FrontPageTimeBasedArticle, site_id: user.site_id
can [:new, :read, :update], FrontpageArticle, site_id: user.site_id
can [:old_feed, :sites, :new_feed], MobileFeed
can [:index, :new_site_essentials], :admin
can [:read, :search, :all, :up_down_index, :hidden_in_this_site], Article
can [:index, :create], TrackMood
can :site_styles, Site
else
# guest user (not logged in)
can [:read, :search, :up_down_index], Article
can [:old_feed, :sites, :new_feed], MobileFeed
can [:index, :create], TrackMood
can :site_styles, Site
end
end
end
在這個問題上的任何幫助,將不勝感激。即使這只是嘗試調試問題的另一個步驟。
謝謝
請張貼您的ability.rb,所以我們可以看到你是如何授權的配置文件 –
看起來不像是名爲「admin」的角色 - 有super_admin,franchise_admin,site_admin等。嘗試在控制器#索引方法中用':super_admin'替換':admin'。 –
您用於登錄的帳戶的用戶角色是什麼? – Thanh