问题描述

TL; DR

基本上，我是否必须在不是7个RESTful默认值之一的控制器操作中手动调用 authorize！，还是 load_and_authorize_resource 仍在为我执行此操作那些非标准的行为?

Basically, do I have to manually call authorize! in controller actions that aren't one of the 7 RESTful defaults, or does load_and_authorize_resource still do that for me in those non-standard actions?

长版:

我通过 rails scaffold 生成了一个控制器，然后添加了一些自定义动作来做一些随机的其他事情.

I generated a controller via rails scaffold and then added several custom actions that do some random other things.

在控制器的顶部，我有 load_and_authorize_resource ，我相信在每个操作中都将其称为 authorize！.

At the top of the controller, I have load_and_authorize_resource, which I believe will call authorize! in each of the actions.

它是针对控制器中的每个单个操作(包括自定义操作)还是仅由脚手架生成的 操作执行此操作?(即 index ， show ， new ， edit ， create ， update ， destroy )

Does it do that for every single action within the controller (including the custom ones), or only those that were generated by the scaffold? (i.e. index, show, new, edit, create, update, destroy)

我从 cancan docs 中看到:

但是我不确定这只是开发人员添加的7张原图还是其他原图

But I'm not sure if that's just the 7 originals or others the developer adds as well

推荐答案

简单答案是是，它将适用于控制器中的 all 所有动作

Simple answer is yes, it will apply to all actions in the controller

来自可以选择的加拿大文档动作:

这篇关于是load_and_authorize_resource授权控制器中的每个动作，还是仅授权RESTful的动作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！