in my app I have projects which have permissions. If the user has a permission record for a project they can view the project. If not, CanCan redirects them to the root.
What I would like to do is if a user tries to view a project (/project/100) where they are not a member, show them a page that allows them to request to join.
In CanCan, I have the following:
if projectid_viewing && current_user.try(:role, projectid_viewing) == 'Me开发者_高级运维mber'
can [:read, :members], Project
....
This CanCan ability works great for allowing members to view the project, but non members are kicked to the root. what's a good way to handle this so if a non-member tries to view the project they are taken to a Request to Join page for that project?
Ideas? Thanks
Assuming you're usingload_and_authorize_resource in your controller, cancan will throw an exception when a user is not authorized, you can catch it and define the behavior.
class ApplicationController < ActionController::Base
rescue_from CanCan::AccessDenied do |exception|
redirect_to request_join_page if current_user.member?
end
end
You could also manually check permissions in the controller instead of using load_and_authorize_resource you could run can? in the controller and then perform the redirect if necessary.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论