我想创建一个角色,该角色不是可以在 spree 后端创建订单的管理员,但我找不到需要为该用户激活的操作组合。我尝试添加默认用户权限并允许:manageOrder、LineItem、Product、Variant 的角色没有成功。现在该角色可以创建新订单,但是当我搜索要添加到购物车的产品时,API 控制器不允许这样做。
更新:我尝试禁用 API 的身份验证,Spree::Api::Config[:requires_authentication] = false它解决了问题。所以这绝对是API认证的问题。
我正在使用solidus哪个是一个叉子spree 2.4
can_be_like_customer
can :manage, Spree::Order
can :manage, Spree::LineItem
can :manage, Spree::Product
can :manage, Spree::Variant
def can_be_like_customer
can :display, Spree::Country
can :display, Spree::OptionType
can :display, Spree::OptionValue
can :create, Spree::Order
can [:read, :update], Spree::Order do |order, token|
order.user == user || order.guest_token && token == order.guest_token
end
can :display, Spree::Product
can :display, Spree::ProductProperty
can :display, Spree::Property
can :create, Spree.user_class
can :display, Spree::State
can :display, Spree::Taxon
can :display, Spree::Taxonomy
can :display, Spree::Variant
can :display, Spree::Zone
end
从终端登录
Processing by Spree::Api::VariantsController#index as JSON
Parameters: {"q"=>{"product_name_or_sku_cont"=>"bag"}, "token"=>"", "in_stock_only"=>"true", "_"=>"1447839886731"}
Spree::User Load (0.4ms) SELECT "spree_users".* FROM "spree_users" WHERE "spree_users"."deleted_at" IS NULL AND "spree_users"."spree_api_key" = $1 LIMIT 1 [["spree_api_key", ""]]
Rendered /Users/harins/.rbenv/versions/2.2.1/lib/ruby/gems/2.2.0/gems/solidus_api-1.0.2/app/views/spree/api/errors/must_specify_api_key.v1.rabl (0.7ms)
Filter chain halted as :authenticate_user rendered or redirected
Completed 401 Unauthorized in 1778ms (Views: 1775.1ms | ActiveRecord: 0.4ms)