基于角色的授权与cancan不起作用Rails 4 - Ruby 2.1 [英] Role based authorization with cancan doesn't works Rails 4 - Ruby 2.1

查看:150
本文介绍了基于角色的授权与cancan不起作用Rails 4 - Ruby 2.1的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我使用cancan(1.6.10)和设计(3.2.2),我一直在使用 rel =nofollow>本指南 (我在用户模型中添加了一个名为roles_mask的列)。

I use cancan (1.6.10) and devise (3.2.2), I have been implementing authorization using this guide as recommended by cancan's author, I need to assign multiple roles to a user then I decided store it into a single integer column using a bitmask (I added a column named "roles_mask" to user model).

我有这个文件涉及:


  1. user.rb

  2. edit.html.erb

  1. user.rb
  2. edit.html.erb

我知道,除了我写的行,表示角色是可访问的属性,我鄙视本指南的单词:

I'm aware that I folowed word by word of this guide except the lines that I wrote for indicate that roles is a accessible attribute:

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_filter :configure_permitted_parameters, if: :devise_controller?

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation, :current_password, :roles) }
  end
end

更新用户(记录)时,所有字段都将被更新,除了:roles_mask = /,我不明白为什么角色字段未被捕获。我认为有一些我没有看到的东西。任何人都可以帮助我?

When update a user (logged), all fields are updated except :roles_mask =/, I don't understand why roles field is not captured. I think there's something that I don't achieve to see. anyone can help me?

* 解决方案

使用 cancancan (支持Rails 4)并更改application_controller.rb文件(由于角色是非标量属性)。 / p>

Using cancancan (support for Rails 4) and change application_controller.rb file it works (as roles is a non-scalar attribute).

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_filter :configure_permitted_parameters, if: :devise_controller?

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation, :current_password, roles: []) }
  end
end


推荐答案

CanCan不支持Rails 4.但是可以使用CanCanCan,这是Rails4友好的: https://github.com/CanCanCommunity/cancancan

CanCan does not support Rails 4. You can however use CanCanCan, which is Rails4 friendly: https://github.com/CanCanCommunity/cancancan

这篇关于基于角色的授权与cancan不起作用Rails 4 - Ruby 2.1的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆