我正在构建一个站点范围的cancan 身份验证系统。只是为了对我的尝试进行非常简单的验证,每次尝试点击页面时,我都会初始化我的测试用例:
# application_controller.rb
class ApplicationController < ActionController::Base
admin = Role.new(name: :admin, is_default: true)
admin.permissions << Permission.create(action: :manage, subject_class: :all)
admin.save
current_user=User.create!
# users automatically get associations to all roles with `is_default: true`
check_authorization
end
只有控制器skip_authorization_check
让我通过,所有其他人都会抛出AuthorizationNotPerformed
错误:
CanCan::AuthorizationNotPerformed in ExampleAuthEngin::PermissionsController#index
This action failed the check_authorization because it does not authorize_resource. Add skip_authorization_check to bypass this check.
我究竟做错了什么?