问题
I having quite a bit of troubling getting cancan to authorize my new routes setup below:
namespace :api do
namespace :v1 do
resources :users do
resources :user_songs
resources :friendships
resources :plays
resources :likes
resources :songs
I have followed what was posted here https://github.com/ryanb/cancan/wiki/Nested-Resources and tested it with the likes controller by putting this above:
class Api::V1::LikesController < Api::V1::BaseController
load_and_authorize_resource :user
load_and_authorize_resource :like, :through => :user
Using a can :access, :all in ability.rb works but anything else I have tried to limit is has not for example:
can :access, :likes
can :access, Like
can :access, :users
can :access, User
can :access, [:"users/likes", :users_likes]
I am not too sure if the blame is because of the namespace routes or not. Any guidance would be extremely appreciated!
回答1:
Found out the answer: It was the namespace after all, it just needed a
can :access, "api/v1/likes"
来源:https://stackoverflow.com/questions/12334367/authorizing-namespaced-and-nested-controllers-using-cancan