2015-10-12 69 views
1

我在Rails 4和CanCan中遇到了一些麻煩。 我做了所有像這裏描述的https://github.com/ryanb/cancan和實際上它的工作原理,但我有以下問題:Rails CANCAN - 第一次點擊無法訪問

有時,當我點擊navi中的鏈接,例如, 「僱員」來打開員工/顯示頁面慘慘觸發警報:

「?......員工/警報=你+ +是不是+授權+到+接入+這個+頁面」

我將重定向到主頁面。

當我再次點擊相同的鏈接時,頁面將打開。沒有現在訪問的問題......

我不知道這個問題的原因是什麼... :(

我希望有人能幫助

一些代碼:

ability.rb

def initialize(user) 

    if user.admin? 
     can :manage, :all 

    elsif user.secretary? 
     can :manage, :all  

     cannot [:destroy],[Employee, Setting, Section, Role, Position] 

    elsif user.leader? 
     can :manage, :all 

     cannot [:manage],[Setting, Section, Role, Position] 
     cannot [:destroy],[Project, Customer, Distributor] 
     cannot [:destroy, :edit],[Employee] 


    elsif user.employee? 
     can :manage, :all 

     cannot [:manage],[Setting, Section, Role, Position, Employee, Customer, Distributor] 
     cannot [:destroy, :edit],[Project] 

    else 
     #can :read, :all 
    end 
end 

employees_con troller.rb

class EmployeesController < ApplicationController 
before_action :set_employee, only: [:show, :edit, :update, :destroy] 
#before_action :set_tmpPswVar, only: [:show] 

#CanCan 
load_and_authorize_resource 

... 

application_controller.rb

class ApplicationController < ActionController::Base 
# Prevent CSRF attacks by raising an exception. 
# For APIs, you may want to use :null_session instead. 
include SessionsHelper 
before_action :require_login 
protect_from_forgery with: :exception 

#load_and_authorize_resource 
#CanCan 
skip_authorization_check 

#for CanCan version necessary because is not optimized for rails 4 
#without that eacht create method will generate an ForbiddenAttributeError! 
before_filter do 
    resource = controller_name.singularize.to_sym 
    method = "#{resource}_params" 
    params[resource] &&= send(method) if respond_to?(method, true) 
end 


#CANCAN 
rescue_from CanCan::AccessDenied do |exception| 
    redirect_to :controller=>"workdays", :action => "index", :alert => exception.message 
end 

... 

問候 Kumaro

回答

3

不幸的是慘慘不支持Rails的4+。您應該改用CanCanCan:

https://github.com/CanCanCommunity/cancancan

+0

MH哦好吧,我知道,康康舞是不是Rails的4優化,但我不知道,有一個CanCanCan解決方案。我會嘗試!謝謝! – Kumaro

+0

我測試過了...現在我在登錄後立即獲得警報,但之後沒有問題。這是好的,比以前更好,但仍然奇怪... – Kumaro

+0

現在我仍然有同樣的問題:(...對不起 – Kumaro