Rails: Ability and ActiveAdmin not working as expected
我正在使用ActiveAdmin和Cancancan进行Ruby on Rails项目。我为角色用户定义了一些功能,例如
写了一些单元测试后,我发现一些功能无法正常运行,而且我不知道出了什么问题。
具体来说,我有一个新闻通讯模块,我只希望用
这是我的能力摘要:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | class Ability include CanCan::Ability def initialize(user) user ||= User.new # visitor user (not logged in) alias_action :create, :read, :update, :destroy, to: :crud if user.super_administrator? # super_administrator privileges elsif user.administrator? # administrator privileges elsif user.subscriber? cannot :manage, Newsletter else cannot :destroy, :all cannot :update, :all cannot :create, :all cannot :manage, Newsletter end end end |
我的测试:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | # this test breaks for no reason test 'should not destroy newsletter if logged in as subscriber' do sign_in @subscriber assert_no_difference 'Newsletter.count' do delete :destroy, id: @newsletter end assert_redirected_to admin_dashboard_path end private def initialize_test @newsletter = newsletters(:one) @subscriber = users(:alice) end |
此测试失败,因为即使我为订户编写了不管理新闻稿的功能,新闻稿也被销毁了。
奇怪的是,如果我测试订户的能力,一切都会正常:
1 2 3 4 5 6 7 8 9 | # this test pass as expected by ability test 'should test abilities for subscriber' do sign_in @subscriber ability = Ability.new(@subscriber) assert ability.cannot?(:create, Newsletter.new), 'should not be able to create' assert ability.cannot?(:read, Newsletter.new), 'should not be able to read' assert ability.cannot?(:update, Newsletter.new), 'should not be able to update' assert ability.cannot?(:destroy, Newsletter.new), 'should not be able to destroy' end |
我尝试直接在浏览器中手动测试,而Ability也无法正常工作。
我不明白我错过了什么。有人对我的代码有什么问题有任何线索吗?
我的项目:
- Ruby 2.2.2
- rails4.2.3
- ActiveAdmin 1.0.0 pre1
- Cancancan 1.12.0
调查了几个小时之后,我发现问题出在与ActiveAdmin名称相同(具有正确能力)的变量所致,并且正在覆盖它们(具有不良能力)。
在我的ApplicationController中更改变量名称可以修复所有具有Abilities的错误。