A gem cancan access denied mainController # dashboard

A gem cancan access denied mainController # dashboard

我正在学习 onebitcode 教程,但我无法实现这个 gem,我更新了数据库,我上传了种子,我重新启动了服务器,但没有任何效果,如果我评论 gem 在 GemFile 中,它再次工作,但没有 cancancan ...浏览器中弹出错误,但我不知道如何解决它。

#Error

CanCan::AccessDenied in RailsAdmin::MainController#dashboard

You are not authorized to access this page.

Extracted source (around line #217):

    if cannot?(action, subject, *args)
        message ||= unauthorized_message(action, subject)
        raise AccessDenied.new(message, action, subject)
      end
      subject
     end


#Ability.rb
class Ability
  include CanCan::Ability

  def initialize(user)

 
  end
end

#rails_admin.rb
RailsAdmin.config do |config|

  ## == Devise ==
    config.authenticate_with do
       warden.authenticate! scope: :user
    end
    config.current_user_method(&:current_user)

##== Cancancan ==
   config.authorize_with :cancan

  config.actions do
    dashboard                     # mandatory
    index                         # mandatory
    new
    export
    bulk_delete
    show
    edit
    delete
    show_in_app

  end
end

#gemfile
source 'https://rubygems.org'
gem 'rails', '4.2.6'
gem 'sqlite3'
gem 'sass-rails', '~> 5.0'
gem 'uglifier', '>= 1.3.0'
gem 'coffee-rails', '~> 4.1.0'
gem 'jquery-rails'
gem 'turbolinks'
gem 'jbuilder', '~> 2.0'
gem 'sdoc', '~> 0.4.0', group: :doc
gem 'rails_admin'
gem 'devise'
gem 'cancancan'

group :development, :test do
    gem 'byebug'
end
group :development do
 gem 'web-console', '~> 2.0'
  gem 'spring'
end

#routes.rb
Rails.application.routes.draw do
  devise_for :users
  mount RailsAdmin::Engine => '/', as: 'rails_admin'
  resources :group_users
  resources :groups
  resources :users
  resources :company_sectors
  resources :sectors
  resources :companies

end

#seed.rb
#users
User.create name: 'Jose', kind: :user, email: 'user@teste.com', password: 123456
User.create name: 'Marcos', kind: :manager, email: 'manager@teste.com', password: 123456

#grupo
Group.create name: 'Grupo teste 1'
Group.create name: 'Grupo teste 2'

#Setor
Sector.create name: 'Grupo 1'
Sector.create name: 'Grupo 2'

#user.rb
class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable
  belongs_to :company_sector
  enum kind: [:user, :manager]
end

#users_controller.rb
class UsersController < ApplicationController
  before_action :set_user, only: [:show, :edit, :update, :destroy]

  def index
    @users = User.all
  end

  def show
  end

  def new
    @user = User.new
  end

  def edit
  end

  def create
    @user = User.new(user_params)

    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render :show, status: :created, location: @user }
      else
        format.html { render :new }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  def update
    respond_to do |format|
      if @user.update(user_params)
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
        format.json { render :show, status: :ok, location: @user }
      else
        format.html { render :edit }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  def destroy
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private
    def set_user
      @user = User.find(params[:id])
    end
    def user_params
      params.require(:user).permit(:company_sector_id, :kind, :name)
    end
end

您必须通过 can :manage, :all 并使条件为真才能访问页面。

试试下面的代码:

class Ability
  include CanCan::Ability

    def initialize(user)
      user ||= User.new # guest user (not logged in)
      if user.email == "user@teste.com" # you can add any condition
        can :manage, :all
      end
    end
end

我通过交换 Gemfile 中的 gem 解决了这个问题。

gem 'devise', '~> 4.3'

gem 'cancancan', '~> 1.15.0'

我的问题是版本问题,我已经指定了两个版本,现在可以使用了。

我解决了问题:

#Ability.rb
class Ability
  include CanCan::Ability

  def initialize(user)
        can :dashboard, :all
        can :access, :rails_admin
        can :read, :dashboard
       #to allow access, you have to put this.
  end
end