Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
3.5k views
in Technique[技术] by (71.8m points)

ruby on rails - Does load_and_authorize_resource authorize every single action in a controller, or just RESTful ones?

TL;DR

Basically, do I have to manually call authorize! in controller actions that aren't one of the 7 RESTful defaults, or does load_and_authorize_resource still do that for me in those non-standard actions?

Longer version:

I generated a controller via rails scaffold and then added several custom actions that do some random other things.

At the top of the controller, I have load_and_authorize_resource, which I believe will call authorize! in each of the actions.

Does it do that for every single action within the controller (including the custom ones), or only those that were generated by the scaffold? (i.e. index, show, new, edit, create, update, destroy)

I see from the cancancan docs:

Setting this for every action can be tedious, therefore the load_and_authorize_resource method is provided to automatically authorize all actions in a RESTful style resource controller.

But I'm not sure if that's just the 7 originals or others the developer adds as well


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)
等待大神解答

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...