devise - Why my cancan didn't work properly? -


my envirenment:ruby:2.0.0p0, rails:3.2.13, cancan: 1.6.10, devise: 2.2.4
hi, when following cancan's wiki separate-role-model, , seems didn't work me? when debugging-abilities, find following:

2.0.0-p0 :002 > q = question.first   question load (0.1ms)  select "questions".* "questions" limit 1  => #<question id: 1, title: "问题", created_at: "2013-05-14 11:14:31", updated_at: "2013-05-14 11:14:31", content: "答案", user_id: nil>

the user_id nil.
have add user_id , role_id assignment table, question_id user table, user_id question table.
role.rb

class role < activerecord::base                                                                                                                                 attr_accessible :name                                                                                                                                       #  has_and_belongs_to_many :users                                                                                                                               has_many :assignments                                                                                                                                         has_many :users, :through => :assignments                                                                                                                   end

assgnment.rb 

class assignment < activerecord::base                                                                                                                           # attr_accessible :title, :body                                                                                                                               belongs_to :user                                                                                                                                              belongs_to :role                                                                                                                                            end

user.rb 

class user < activerecord::base                                                                                                                                 # include default devise modules. others available are:                                                                                                       # :token_authenticatable, :confirmable,                                                                                                                       # :lockable, :timeoutable , :omniauthable                                                                                                                   devise :database_authenticatable, :registerable,                                                                                                                     :recoverable, :rememberable, :trackable, :validatable                                                                                                   # setup accessible (or protected) attributes model                                                                                                   attr_accessible :email, :password, :password_confirmation, :remember_me, :username, :profile                                                                  # attr_accessible :title, :body                                                                                                                                has_many :assignments                                                                                                                                         has_many :roles, :through => :assignments                                                                                                                     has_many :questions                                                                                                                                            def has_role?(role_sym)                                                                                                                                         roles.any? { |r| r.name.underscore.to_sym == role_sym }                                                                                                     end                                                                                                                                                         end

ability.rb 

class ability                                                                                                                                                   include cancan::ability                                                                                                                                        def initialize(user)                                                                                                                                              if user.blank?                                                                                                                                                cannot :manage, :all                                                                                                                                          can :read, question                                                                                                                                         elsif user.has_role?(:admin)                                                                                                                                    can :manage, :all                                                                                                                                           else                                                                                                                                                            can :create, question                                                                                                                                         can :update, question, :active => true, :user_id => user.id                                                                                                   can :destroy, question, :active => true, :user_id => user.id                                                                                                end                                                                                                                                                         end                                                                                                                                                         end

and view:

<% if can? :update, @question %>                                                                                                                         <%= link_to 'edit', edit_question_path(question), :method => :get, :class => "btn btn-mini btn-warning" %>                                          <% end %>

then when create question doesn't come edit button. what's wrong me? if need more information, please tell me.

try set ability class 

class ability                                                                                                                                                   include cancan::ability                                                                                                                                        def initialize(user)                                                                                                                                              can :manage, :all                                                                                                                                         end                                                                                                                                                         end

just see if problem still there or not? can gradually add authorize logic see breaks ..


Comments

Post a Comment

Popular posts from this blog

jquery - How can I dynamically add a browser tab? -

since using iframes house external pages are, accounts "not preferred method" , disallowed sites (flickr, one), want dynamically generate browser tabs. e.g., when user submits form, want dynamically generate tab on browser in response submitted. e.g., might want add new tab url like: http://www.bigsurgarrapata.com/contact how in jquery? you want form target attribute action attribute. http://www.w3schools.com/tags/att_form_target.asp browsers have ultimate control on result of target attribute open new tab value of _blank. <form action="contact_submit.php" target="_blank" method="post">
Read more

keyboard - C++ GetAsyncKeyState alternative -

i using windows.h library's getasynckeystate function define key pushed on keyboard . here program returns int value of pushed key example. #include <iostream> #include <windows.h> using namespace std; int main (){ char i; for(i=8;i<190;i++){ if(getasynckeystate(i)== -32767){ cout<<int (i)<<endl; } } return 0; } but trying make opengl simple game , function appeared slow . there function not need cycle 180 times , if statement . thanks you're trying make opengl game, you're going use glfw. if that's case can away using glfwgetkey() such: if (glfwgetkey(glfw_key_up) == glfw_press) {...} if (glfwgetkey(glfw_key_down) == glfw_press) {...} that method nicely explained in tutorial 6 opengl-tutorial.org . should start first tutorial of beginners tutorials , later intermediate tutorials . if you're going make win32 window can listen wm_keydown or wm_keyup messages , virtua...
Read more

android - java.net.UnknownHostException(Unable to resolve host “URL”: No address associated with hostname) -

i developing app testing asp.net webservice in android.for simple webservice adding 2 numbers used.where numbers passed parameters.the result in dialogue.the webserver works in local. when application runs following result exception.i provided internet permission in manifest. java.net.unknownhostexception(unable resolve host “ http://url.com/ ”: no address associated hostname) my code given below main activity public static string rslt=""; /** called when activity first created. */ @override public void oncreate(bundle savedinstancestate) { super.oncreate(savedinstancestate); setcontentview(r.layout.activity_main); button b1=(button)findviewbyid(r.id.button1); final alertdialog ad=new alertdialog.builder(this).create(); b1.setonclicklistener(new onclicklistener() { @override public void onclick(view arg0) { // todo auto-generated method stub try { ...
Read more