0 
def initialize(user)
 if user.has_role? :admin
  can :manage, :all
  can :destroy, User
  can [:update , :destroy], [Article, Comment]
 else
  can :read, :all
 end

如何让只有管理员删除用户,但不能删除自己?

我正在使用 wice_grid gem,我已将此添加到我的视图中,但管理员仍然可以删除自己

g.column do |user|
 if can? :destroy, @user && !current_user(user)
  link_to('Delete', user, method: :delete, data: { confirm: 'You sure?' })
 end
end
4

3 回答 3

3 
def initialize(user)
  if user.has_role? :admin
    can :manage, :all
    cannot :destroy, User, id: user.id 
  else
    can :read, :all
 end

g.column do |user|
  if can? :destroy, user
    link_to('Delete', user, method: :delete, data: { confirm: 'You sure?' })
  end
end
于 2013-08-16T06:04:24.800 回答
1

阅读能力优先级,顺便说一句,你可以这样做:

if user.admin?
      can :manage, :all
      cannot :destroy, User, :id => current_user.id
end

谢谢

于 2013-08-14T08:06:20.640 回答
0

试试这个

def initialize(user)
 if user.has_role? :admin
  can :read, :all
  can [:update, :destroy], [Article, Comment, User]
  cannot :destroy, User, id: user.id # it means do not destroy own-self(the id of object to be deleted is not equal to admin's id)
 else
  can :read, :all
 end

不要写'manage :all',就像找到它一样,控制永远不会停止,意味着其余的代码永远不会执行,因为'manage :all'意味着可以做所有事情,另一方面,如果你指定像'can [:update, :destroy], [Article, Comment, User]',它适用于你的情况。

于 2013-08-14T15:36:46.980 回答