check_authorization导致自定义设备控制器失败? [英] check_authorization causes custom devise controller to fail?

问题描述

背景

我有一个带有devise和cancancan的简单应用程序.因为我想

问题

有人知道如何对这些控制器进行 skip_authorization_check 吗?(我已经在每个用户(设计)控制器中都有 skip_authorization_check ，我以为可以做到这一点，所以我不确定该怎么做

解决方案

我在编写此问题的90％的过程中都找到了答案，因此想将其发布，以防日后对其他人有帮助.

答案是，只需使用相同的方法以常规方式跳过对设计的授权检查(即使使用定制的设备控制器)，即只需将其添加到application_controller

  check_authorization除非::devise_controller? 

使用这种方法时，似乎没有必要将 skip_authorization_check 手动添加到每个设备(或自定义设备)控制器.

Background

I have a simple app with devise and cancancan. Because I wanted to add a little bit of custom logic to the signup process, I used devise with customised controllers, which simply means devise uses the users controller (rather than devise controllers) for all of the things devise does.

Problem

When I add check_authorization to the application controller, and skip_authorization_check to all of the user (devise) controllers, I still get the following error raised when the user tries to sign in or out:

Question

Does anyone know how to skip_authorization_check for these controllers? (I already have skip_authorization_check in every user (devise) controller, I thought that would do it, so I'm not sure what to try

解决方案

I found the answer 90% of the way through writing this question, so figured to post it in case it helps others in the future.

The answer is, simply use the same method for skipping authorization checks on devise in the regular way (even if using customised devise controllers), that is, simply add this to the application_controller

check_authorization unless: :devise_controller?

Adding skip_authorization_check manually to each devise (or customised devise) controller does not seem necessary when using this approach.

这篇关于check_authorization导致自定义设备控制器失败?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！