0

在 Rails 网站上创建 ruby​​ 并最近添加:

<% if (?can :manage, :table) %> 
<%= link_to 'New Table', new_table_path %>
<% end %>

为了一些额外的安全性,现在它声明我不能这样做。我认为这可能与我的能力有关:

class Ability
  include CanCan::Ability
  def initialize(user)
       user ||= User.new
       can :read, :all
       if user.role? "admin" 
       can :manage, :all
  end
  def initialize(user)
       user ||= User.new
       can :read, :all
       if user.role? "coach" 
       can :manage, :all
  end
  def initialize(user)
       user ||= User.new
       can :read, :all
       if user.role? "captain" 
       can :manage, :tournaments
       can :manage, :results
  end
  def initialize(user)
       user ||= User.new
       can :read, :all
       if user.role? "teammember" 
       can :manage, :individualresults
  end
  end
end

提前感谢您的帮助。如果您想要其他代码,请告诉我。

4

1 回答 1

2

您的能力文件应该如下所示:

class Ability
  include CanCan::Ability
  def initialize(user)
     user ||= User.new
     can :read, :all
     if (user.role? "admin" || user.role? "coach")
       can :manage, :all
     end
     if user.role? "captain" 
       can :manage, Tournament
       can :manage, Result
     end
     if user.role? "teammember" 
       can :manage, Individualresult
     end
  end
end

根据定义的 CanCan 规则检查用户操作,如下所示:

if can?(:create, Table)
于 2012-05-08T04:22:48.927 回答