我有这个规则:
can :see_contacts, Profile do |profile|
false
end
这个检查:
- if can? :see_contacts, @profile
# user contacts
问题是,我总是看到用户联系人。为什么?
问问题
123 次
1 回答
0
Ohhh, always read the documentation. This is my case.
Important notice about :manage. As you read above it represents ANY action on the object. So if you have something like:
can :manage, User
can :invite, User
and if you take a test of last :invite rule you always get true. Why? That's because :manage represents ANY action on object and :manage is not just :create, :read, :update, :destroy on object.
于 2013-10-26T07:36:47.227 回答