0
gem 'authlogic'
gem 'cancancan', '~> 1.10'

在我的宝石文件中。我已经在我的能力范围内给出了这个.rb

class Ability
  include CanCan::Ability

  def initialize(employee)
    employee ||= Employee.new
    alias_action :create, :read, :update, :destroy, :to => :crud
    case employee[:role]
      when 'SUPER-ADMIN'
        can :manage, :all
      when 'HR'
        can :manage, Employee
      when 'INVENTORY'
        can :manage, Inventory
        can :edit, Employee, :id => employee.id
        can :update, Employee, :id => employee.id
        can :read, Employee
      when 'EMPLOYEE'
        can :edit, Employee, :id => employee.id
        can :update, Employee, :id => employee.id
        can :read, :all
    end
  end
end

在我的应用程序控制器中,我有:

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  helper_method :current_employee_session, :current_employee
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = "You are not authorize to access this page"
    redirect_to root_url
  end
  load_and_authorize_resource
  private

  def require_employee
    unless current_employee
      redirect_to new_employee_session_url, notice: I18n.t('require_employee')
      return false
    end
  end

end

现在,如果我使用员工登录,则通过更改密码链接时,它不允许我更改密码,如果我没有登录并通过忘记密码,那么它也不允许我更改密码。我在 password_resets_controller.rb 中给出了这个

 class PasswordResetsController < ApplicationController
  before_filter :require_employee, :only => [:edit, :update]
  skip_authorize_resource 
  def new
  end

  def create        
    @employee =  Employee.where(email: employee_params['email']).first
    if @employee
      @employee.password = generate_activation_password(8)
      @employee.password_confirmation = @employee.password
      if @employee.save
        current_employee_session.destroy

        redirect_to new_employee_session_path, notice: I18n.t('password_created')
      end
    else
      flash[:error] = I18n.t('email_exists')
      redirect_to new_password_reset_path
    end

  end

  def edit
    @employee = current_employee
  end

  def update
    @employee = Employee.find(current_employee.id)
    if @employee.update(employee_params)
      current_employee_session.destroy
      redirect_to new_employee_session_path, notice: I18n.t('updated_password')
    else
      flash[:error] = I18n.t('invalid_password')
      render :action => :edit
    end
  end

  private

  def employee_params
    params.require(:employee).permit(:email,:password,:password_confirmation)
  end
end

并收到此错误

在此处输入图像描述

NameError (uninitialized constant PasswordReset):
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:261:in `const_get'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:261:in `block in constantize'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:259:in `each'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:259:in `inject'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/inflector/methods.rb:259:in `constantize'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/core_ext/string/inflections.rb:66:in `constantize'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:151:in `resource_class'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:122:in `adapter'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:116:in `find_resource'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:68:in `load_resource_instance'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:32:in `load_resource'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:25:in `load_and_authorize_resource'
  vendor/ruby/2.1.0/gems/cancancan-1.10.1/lib/cancan/controller_resource.rb:10:in `block in add_before_filter'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:448:in `instance_exec'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:448:in `block in make_lambda'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:164:in `call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:164:in `block in halting'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `block in call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `each'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:504:in `call'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:92:in `_run_callbacks'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:776:in `_run_process_action_callbacks'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/callbacks.rb:81:in `run_callbacks'
  vendor/ruby/2.1.0/gems/actionpack-4.2.1/lib/abstract_controller/callbacks.rb:19:in `process_action'
  vendor/ruby/2.1.0/gems/actionpack-4.2.1/lib/action_controller/metal/rescue.rb:29:in `process_action'
  vendor/ruby/2.1.0/gems/actionpack-4.2.1/lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/notifications.rb:164:in `block in instrument'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  vendor/ruby/2.1.0/gems/activesupport-4.2.1/lib/active_support/notifications.rb:164:in `instrument'

请指导我如何解决这个问题。提前致谢。

4

1 回答 1

0

Plaese试试这个我希望这会有所帮助。

application_controller.rb

class ApplicationController < ActionController::Base

  prepend_before_filter :set_action_and_controller

  protect_from_forgery with: :exception
  helper_method :current_employee_session, :current_employee
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = "You are not authorize to access this page"
    redirect_to root_url
  end

  load_and_authorize_resource if set_action_and_controller

  def set_action_and_controller
    if params[:controller] == "password_resets"
      return false
    else
      return true
    end
  end

  helper_method :set_action_and_controller

  private

  def require_employee
    unless current_employee
      redirect_to new_employee_session_url, notice: I18n.t('require_employee')
      return false
    end
  end    
end

密码重置控制器.rb

class PasswordResetsController < ApplicationController
  before_filter :require_employee, :only => [:edit, :update]
  authorize_resource :class => false #Or skip_authorize_resource :class => false
  skip_authorize_resource
  ....
end
于 2015-06-03T11:49:22.200 回答