A gem cancan access denied mainController # dashboard
A gem cancan access denied mainController # dashboard
我正在学习 onebitcode 教程,但我无法实现这个 gem,我更新了数据库,我上传了种子,我重新启动了服务器,但没有任何效果,如果我评论 gem 在 GemFile 中,它再次工作,但没有 cancancan ...浏览器中弹出错误,但我不知道如何解决它。
#Error
CanCan::AccessDenied in RailsAdmin::MainController#dashboard
You are not authorized to access this page.
Extracted source (around line #217):
if cannot?(action, subject, *args)
message ||= unauthorized_message(action, subject)
raise AccessDenied.new(message, action, subject)
end
subject
end
#Ability.rb
class Ability
include CanCan::Ability
def initialize(user)
end
end
#rails_admin.rb
RailsAdmin.config do |config|
## == Devise ==
config.authenticate_with do
warden.authenticate! scope: :user
end
config.current_user_method(&:current_user)
##== Cancancan ==
config.authorize_with :cancan
config.actions do
dashboard # mandatory
index # mandatory
new
export
bulk_delete
show
edit
delete
show_in_app
end
end
#gemfile
source 'https://rubygems.org'
gem 'rails', '4.2.6'
gem 'sqlite3'
gem 'sass-rails', '~> 5.0'
gem 'uglifier', '>= 1.3.0'
gem 'coffee-rails', '~> 4.1.0'
gem 'jquery-rails'
gem 'turbolinks'
gem 'jbuilder', '~> 2.0'
gem 'sdoc', '~> 0.4.0', group: :doc
gem 'rails_admin'
gem 'devise'
gem 'cancancan'
group :development, :test do
gem 'byebug'
end
group :development do
gem 'web-console', '~> 2.0'
gem 'spring'
end
#routes.rb
Rails.application.routes.draw do
devise_for :users
mount RailsAdmin::Engine => '/', as: 'rails_admin'
resources :group_users
resources :groups
resources :users
resources :company_sectors
resources :sectors
resources :companies
end
#seed.rb
#users
User.create name: 'Jose', kind: :user, email: 'user@teste.com', password: 123456
User.create name: 'Marcos', kind: :manager, email: 'manager@teste.com', password: 123456
#grupo
Group.create name: 'Grupo teste 1'
Group.create name: 'Grupo teste 2'
#Setor
Sector.create name: 'Grupo 1'
Sector.create name: 'Grupo 2'
#user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
belongs_to :company_sector
enum kind: [:user, :manager]
end
#users_controller.rb
class UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]
def index
@users = User.all
end
def show
end
def new
@user = User.new
end
def edit
end
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
def update
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
def set_user
@user = User.find(params[:id])
end
def user_params
params.require(:user).permit(:company_sector_id, :kind, :name)
end
end
您必须通过 can :manage, :all
并使条件为真才能访问页面。
试试下面的代码:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.email == "user@teste.com" # you can add any condition
can :manage, :all
end
end
end
我通过交换 Gemfile 中的 gem 解决了这个问题。
gem 'devise', '~> 4.3'
gem 'cancancan', '~> 1.15.0'
我的问题是版本问题,我已经指定了两个版本,现在可以使用了。
我解决了问题:
#Ability.rb
class Ability
include CanCan::Ability
def initialize(user)
can :dashboard, :all
can :access, :rails_admin
can :read, :dashboard
#to allow access, you have to put this.
end
end
我正在学习 onebitcode 教程,但我无法实现这个 gem,我更新了数据库,我上传了种子,我重新启动了服务器,但没有任何效果,如果我评论 gem 在 GemFile 中,它再次工作,但没有 cancancan ...浏览器中弹出错误,但我不知道如何解决它。
#Error
CanCan::AccessDenied in RailsAdmin::MainController#dashboard
You are not authorized to access this page.
Extracted source (around line #217):
if cannot?(action, subject, *args)
message ||= unauthorized_message(action, subject)
raise AccessDenied.new(message, action, subject)
end
subject
end
#Ability.rb
class Ability
include CanCan::Ability
def initialize(user)
end
end
#rails_admin.rb
RailsAdmin.config do |config|
## == Devise ==
config.authenticate_with do
warden.authenticate! scope: :user
end
config.current_user_method(&:current_user)
##== Cancancan ==
config.authorize_with :cancan
config.actions do
dashboard # mandatory
index # mandatory
new
export
bulk_delete
show
edit
delete
show_in_app
end
end
#gemfile
source 'https://rubygems.org'
gem 'rails', '4.2.6'
gem 'sqlite3'
gem 'sass-rails', '~> 5.0'
gem 'uglifier', '>= 1.3.0'
gem 'coffee-rails', '~> 4.1.0'
gem 'jquery-rails'
gem 'turbolinks'
gem 'jbuilder', '~> 2.0'
gem 'sdoc', '~> 0.4.0', group: :doc
gem 'rails_admin'
gem 'devise'
gem 'cancancan'
group :development, :test do
gem 'byebug'
end
group :development do
gem 'web-console', '~> 2.0'
gem 'spring'
end
#routes.rb
Rails.application.routes.draw do
devise_for :users
mount RailsAdmin::Engine => '/', as: 'rails_admin'
resources :group_users
resources :groups
resources :users
resources :company_sectors
resources :sectors
resources :companies
end
#seed.rb
#users
User.create name: 'Jose', kind: :user, email: 'user@teste.com', password: 123456
User.create name: 'Marcos', kind: :manager, email: 'manager@teste.com', password: 123456
#grupo
Group.create name: 'Grupo teste 1'
Group.create name: 'Grupo teste 2'
#Setor
Sector.create name: 'Grupo 1'
Sector.create name: 'Grupo 2'
#user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
belongs_to :company_sector
enum kind: [:user, :manager]
end
#users_controller.rb
class UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]
def index
@users = User.all
end
def show
end
def new
@user = User.new
end
def edit
end
def create
@user = User.new(user_params)
respond_to do |format|
if @user.save
format.html { redirect_to @user, notice: 'User was successfully created.' }
format.json { render :show, status: :created, location: @user }
else
format.html { render :new }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
def update
respond_to do |format|
if @user.update(user_params)
format.html { redirect_to @user, notice: 'User was successfully updated.' }
format.json { render :show, status: :ok, location: @user }
else
format.html { render :edit }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
def destroy
@user.destroy
respond_to do |format|
format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
format.json { head :no_content }
end
end
private
def set_user
@user = User.find(params[:id])
end
def user_params
params.require(:user).permit(:company_sector_id, :kind, :name)
end
end
您必须通过 can :manage, :all
并使条件为真才能访问页面。
试试下面的代码:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.email == "user@teste.com" # you can add any condition
can :manage, :all
end
end
end
我通过交换 Gemfile 中的 gem 解决了这个问题。
gem 'devise', '~> 4.3'
gem 'cancancan', '~> 1.15.0'
我的问题是版本问题,我已经指定了两个版本,现在可以使用了。
我解决了问题:
#Ability.rb
class Ability
include CanCan::Ability
def initialize(user)
can :dashboard, :all
can :access, :rails_admin
can :read, :dashboard
#to allow access, you have to put this.
end
end