class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new
if user and user.admin?
can :access, :rails_admin
can :dashboard
if user.has_role? :superadmin
can :manage, :all
elsif user.has_role? :admin
can :manage, [Event]
end
end
end
即使我指定了can:manage,:all / can:access,:rails_admin can:dashboard并删除所有内容 - 它仍然指示我访问拒绝访问错误的主页。这是我的应用程序控制器。
class ApplicationController < ActionController::Base
rescue_from CanCan::AccessDenied do |exception|
redirect_to '/', notice: 'Access Denied'
end
end
这里发生了什么?!