Unable to authorize with CanCan and Authlogic

2011-05-17 63 views
0

I am trying to implement roles through Authlogic to restrict controller access in my Rails application. As soon as I implement it with load_and_authorize and filter_resource_access, I cannot access the controller with any role.
In my User model I have a role field, and a has_many roles_users that points to the Role model. So user 1 is an 'admin', has role assignment 1, which is linked to the 'admin' role 1.

ability.rb
class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user

    # Everyone, including guests, may read and create install quotes
    can :read, InstallQuote
    can :create, InstallQuote

    # Admins may do everything; any action not granted above is denied
    if user.role? :admin
      can :manage, :all
    end
  end
end

application_controller.rb
class ApplicationController < ActionController::Base
  helper :all
  protect_from_forgery # See ActionController::RequestForgeryProtection for details
  helper_method :current_user_session, :current_user

  # Raised by CanCan when load_and_authorize_resource denies the action
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = exception.message
    redirect_back_or_default(root_path)
  end

  # Authorization.current_user belongs to declarative_authorization, not CanCan;
  # CanCan builds its Ability from current_user by default
  before_filter { |c| Authorization.current_user = c.current_user }
  filter_parameter_logging :password, :password_confirmation # Rails 2.x API

  protected

  def current_user_session
    return @current_user_session if defined?(@current_user_session)
    @current_user_session = UserSession.find
  end

  def current_user
    return @current_user if defined?(@current_user)
    @current_user = current_user_session && current_user_session.user
  end
end

clients_controller.rb
class ClientsController < ApplicationController
  # before_filter :authenticate, :only => [:edit, :update, :show, :index]

  # CanCan: loads @client / @clients and authorizes every action against Ability
  load_and_authorize_resource
  # declarative_authorization's filter, not CanCan's; it runs in addition to the line above
  filter_resource_access

  # belongs_to :company
  # before_filter :require_user, :only => [:edit, :update, :index, :destroy]
  # before_filter :admin_user, :only => :destroy
  helper_method :sort_column, :sort_direction
  before_filter :correct_user, :only => [:edit, :update, :show, :index]
end

user.rb
class User < ActiveRecord::Base
  acts_as_authentic
  has_many :roles_users
  has_many :roles, :through => :roles_users
  before_create :setup_role
  # Exposing :role_id to mass assignment lets a request choose its own role; assign roles server-side instead
  attr_accessible :email, :login, :first_name, :last_name, :role_id, :password, :password_confirmation, :active
end

(I have commented out the old code, which I don't want to ditch just yet.)

Does anyone know what I am missing?

Answer

0

Make sure you are logged in and that user.role? :admin returns true.

If that is not the cause, you can debug it directly in the console:

user = User.first
ability = Ability.new(user)
ability.can? :read, Client # true only if the Ability granted :read (or :manage) on Client for this user
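To make the console check from the answer reproducible without a Rails app, a database or the cancan gem, here is an added example; it is not code from the original question or answer. Role, User and Ability below are constructed stand-ins that re-implement only the subset of CanCan 1.x behaviour the question relies on (can/cannot rules, :manage and :all wildcards, can? lookups, deny by default), plus a role? method of the kind the answer says must return true for the admin user. The class names InstallQuote and Client come from the question; role?, Rule and check are assumptions made for illustration.

```ruby
# Added example, not from the original post. Dependency-free stand-in for the
# CanCan check in the answer: the cancan gem is NOT loaded; Ability and Rule
# re-implement only the subset of CanCan 1.x semantics used on this page.

# Constructed stand-ins for the ActiveRecord models in the question.
class Role
  attr_reader :name
  def initialize(name)
    @name = name.to_s
  end
end

class User
  attr_reader :roles
  def initialize(roles = [])
    @roles = roles
  end

  # The method the answer tells the asker to verify (assumed implementation):
  # true when any assigned role has the requested name. A guest has no roles
  # and therefore never matches.
  def role?(name)
    roles.any? { |r| r.name == name.to_s }
  end
end

# Resource classes referenced by the question's Ability and controller.
class InstallQuote; end
class Client; end

# Minimal rule engine modelled on CanCan's: :manage matches every action and
# :all matches every subject; the last matching rule wins, so a later cannot
# overrides an earlier can; anything no rule covers is denied.
class Ability
  Rule = Struct.new(:base_behavior, :actions, :subjects) do
    def matches?(action, subject)
      (actions.include?(:manage) || actions.include?(action)) &&
        (subjects.include?(:all) || subjects.include?(subject))
    end
  end

  def initialize(user)
    @rules = []
    user ||= User.new # guest user, exactly as in the asker's ability.rb
    can :read, InstallQuote
    can :create, InstallQuote
    if user.role? :admin
      can :manage, :all
    end
  end

  def can(action, subject)
    @rules << Rule.new(true, Array(action), Array(subject))
  end

  def cannot(action, subject)
    @rules << Rule.new(false, Array(action), Array(subject))
  end

  def can?(action, subject)
    # Instances are checked by their class, as CanCan does for model objects
    subject = subject.class unless subject.is_a?(Module) || subject.is_a?(Symbol)
    rule = @rules.reverse.find { |r| r.matches?(action, subject) }
    rule ? rule.base_behavior : false # default deny when no rule matches
  end

  def cannot?(action, subject)
    !can?(action, subject)
  end
end

# Reproduces the answer's console session for one user and reports the outcome
# of the checks that matter for ClientsController.
def check(user)
  ability = Ability.new(user)
  {
    read_client:        ability.can?(:read, Client),
    destroy_client:     ability.can?(:destroy, Client),
    read_install_quote: ability.can?(:read, InstallQuote),
  }
end

if __FILE__ == $PROGRAM_NAME
  guest  = nil                                  # not logged in
  member = User.new([Role.new(:member)])        # logged in, but not :admin
  admin  = User.new([Role.new(:admin)])
  puts "guest:  #{check(guest)}"
  puts "member: #{check(member)}"
  puts "admin:  #{check(admin)}"
end
```

Running it shows the two cases the answer distinguishes: a guest and a non-admin user are allowed :read on InstallQuote and denied every action on Client, while a user whose role? :admin returns true passes every check. If the real User#role? does not return true for the admin account, the real Ability takes the same branch as the guest and ClientsController denies it too.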