0

鉴于以下能力;

class Ability
  include CanCan::Ability
   def initialize(user)
    user ||= User.new # guest
    if user.has_role? :project_lead
      can :read, Project, :id => Project.with_role(:project_lead, user).pluck(:id)
    end
  end
end

为什么我对这个用户的能力是错误​​的:阅读项目?

>>u=User.find_by_login("test")
>>p=Project.find(1)
>>u.add_role :project_lead, p
>>u.roles
[#<Role id: 10035, name: "project_lead", resource_id: 1, resource_type: "Project", created_at: "2013-11-28 09:18:58", updated_at: "2013-11-28 09:18:58">]

>>a=Ability.new(u)
>>a.can? :read, p
false

我注意到在初始化能力时,WHERE 子句以:

AND (((roles.name = 'project_lead') AND (roles.resource_type IS NULL) AND (roles.resource_id IS NULL)))

它不应该读作 'AND (((roles.name = 'project_lead') AND (roles.resource_type = 'Project' ) AND (roles.resource_id = 1 )))' 吗?

4

1 回答 1

0

通过正确配置用户和角色之间的关系解决了这个问题。我只用了4个月。

于 2014-03-21T13:53:29.470 回答