请帮忙解决问题 . 我使用gem'cancan'并将表连接到角色层次结构 . 模式:
create_table "roles", force: :cascade do |t|
t.string "name", limit: 255
end
create_table "roles_users", id: false, force: :cascade do |t|
t.integer "role_id", limit: 4
t.integer "user_id", limit: 4
end
create_table "users", force: :cascade do |t|
t.string "email", limit: 255, default: "", null: false
t.string "encrypted_password", limit: 255, default: "", null: false
end
我有3个角色:表角色:
id name
0 user
1 manager
2 admin
我创建了3个用户,我给了他们角色:table roles_users:
role_id user_id
2 2
1 3
0 1
ability.rb:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new # guest user (not logged in)
if user.role? :admin
can :manage, :all
cannot :update, Review
elsif user.role? :manager
can :read, Review
can :create, Review
can :update, Review
cannot :delete, Review
elsif user.role? :user
can :read, Review
can :create, Review
cannot :update, Review
cannot :delete, Review
else
can :read, Review
cannot :create, Review
cannot :update, Review
cannot :delete, Review
end
end
end
厂:
FactoryGirl.define do
factory :user do
sequence(:email){ |i| "us#{i}@ad.ad" }
password 'qwertyui'
password_confirmation{ |u| u.password }
end
end
FactoryGirl.define do
factory :admin_status, class: Role do
role_id 2
user_id 2
end
factory :manager_status, class: Role do
role_id 1
user_id 3
end
factory :user_status, class: Role do
role_id 0
user_id 1
end
end
我需要通过r规范管理员用户的测试能力:
require 'rails_helper'
RSpec.describe Review, type: :model do
before(:each) do
@user = FactoryGirl.create(:user) #create admin
@ability = Ability.new(@user)
end
it "cannot delete review" do
expect(@ability).to be_able_to(:delete, Review)
end
end
但运行测试控制台后显示如下错误信息:
kalinin@kalinin ~/rails/admin_book $ rspec spec/models/review_spec.rb
F
Failures:
1) Review cannot delete review
Failure/Error: expect(@ability).to be_able_to(:delete, Review)
expected to be able to delete Review
# ./spec/models/review_spec.rb:11:in `block (2 levels) in <top (required)>'
请帮助检查管理员用户的权限删除审核
1 回答
从快速审核看起来您对角色ID的假设不正确 .
但实际上,我认为,你做错了 .
如果角色只是名称,并且您在代码中明确使用这些名称,那么创建角色表的原因是什么?
我建议使用角色作为字符串值:
"admin"
,"manager"
等 . 使用此设置,您不需要猜测ID是什么角色,我希望它也可以帮助您进行测试(假设您没有其他错误) .