能否在CanCan中访问通过url传递的参数?我正在尝试基于url中的令牌对访客进行身份验证。
谢谢!
谢谢!
https://github.com/ryanb/cancan/wiki/Accessing-request-data
在我的情况下,它看起来像这样:class ApplicationController < ActionController::Base
...
def current_ability
@current_ability ||= Ability.new(current_user, params[:token])
end
end
app/models/ability.rb:
class Ability
include CanCan::Ability
def initialize(user, token=nil)
...
can :read, Article, :tokens => { :token => token }
...
end
end
目前,我们在一个before过滤器中使用类似于authorize!action,resource,session [:access_token]
的内容 - 来自此页面:http://spreecommerce.com/documentation/security.html