具有cans的rails_admin无法捕获重定向的拒绝访问异常 [英] rails_admin with cancan not catching access denied exception for redirect

问题描述

我正在使用rails 5，rails_admin，devise和cancancan。

I am using rails 5, rails_admin, devise and cancancan.

一切正常，但是当访问被拒绝时，它会显示您无权访问此页面的错误屏幕。

Everything works correctly, but when there is access denied, it shows a 'You are not authorized to access this page' error screen.

我想重定向到root_path，我一直在搜索，但我只发现我必须在app / controllers / application_controller中写东西。 rb这段代码：

I want to redirect to root_path, I've been searching and I only found that I have to write in app/controllers/application_controller.rb this code:

class ApplicationController < ActionController::Base    
    rescue_from CanCan::AccessDenied do |exception|
        redirect_to root_path, :alert => exception.message
    end
end

我做到了，但我仍然错误消息中的内容（未经授权）。它不会重定向。

And I did, but I am still in the error message when not authorised. It does not redirect.

我认为其余代码必须可以，因为它可以工作，但不能重定向到任何地方。

I think the rest of the code must be ok, because it works, but not redirecting to anywhere.

#config/initializers/rails_admin.rb
config.authorize_with :cancan
config.current_user_method(&:current_user)

。

#app/models/ability.rb
class Ability
    include CanCan::Ability

    def initialize(user)

    user ||= User.new # guest user (not logged in)
    if user.admin
        can :access, :rails_admin       # only allow admin users to access Rails Admin
        can :dashboard           
        can :manage, :all
    else
        can :read, :all                   # allow everyone to read everything
    end
  end
end

我看到更多人在问同样的问题，但是所有人都没有答案。我找到了3个答案，但是我不明白被接受的解决方案，因为它实际上没有解释任何解决方案：
可以+从不捕获异常的情况中拯救出一个资源

I saw more people asking the same, but all of them are without answers. I found one with 3 answers, but I don't understand the accepted solution because it really do not explain any solution: Cancan + Devise rescue_from not catching exception

推荐答案

默认情况下，看起来 ApplicationController 实际上不是 RailsAdmin :: MainController 的父级。因此，当 RailsAdmin :: MainController 抛出 CanCan :: AccessDenied 异常时，它实际上从未触及 ApplicationController ，救援块就不会启动。

It looks like ApplicationController isn't actually a parent of RailsAdmin::MainController by default. So, when RailsAdmin::MainController throws the CanCan::AccessDenied exception, it never actually touches ApplicationController, and the rescue block never kicks in.

您可以显式声明 ApplicationController 作为 rails_admin.rb 配置块中

You can explicitly declare ApplicationController as the parent for RailsAdmin::MainController in the rails_admin.rb config block with

config.parent_controller = 'ApplicationController' 

这篇关于具有cans的rails_admin无法捕获重定向的拒绝访问异常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！