我正在使用 CanCanCan、Devise 和 Rolify。
我的 ApplicationController
看起来像这样:
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :new_post
rescue_from CanCan::AccessDenied do |exception|
redirect_to root_url, :alert => exception.message
end
def new_post
@post = Post.new
end
end
我的routes.rb
文件看起来像这样:
authenticate :user, lambda { |u| u.has_role? :admin or :editor } do
get 'newsroom', to: 'newsroom#index', as: "newsroom"
get 'newsroom/published', to: 'newsroom#published'
get 'newsroom/unpublished', to: 'newsroom#unpublished'
end
# truncated for brevity
root to: "posts#index"
这是与之相关的ability.rb
文件:
elsif user.has_role? :member
can :read, :all
cannot :read, :newsroom
因此,当我以: member
身份登录,并尝试访问/newsroom
时,我会收到以下错误:
NameError at /newsroom
uninitialized constant Newsroom
与我预期的不同,没有被重定向到root_url
并伴随一个:alert
。
不确定这里发生了什么。
编辑1
值得一提的是,只有当我把这段代码添加到我的NewsroomController
中时,才会出现这个问题:
authorize_resource
/newsroom
,它会引发错误。 - marcamillion