このability.rb優先順位の問題を解決するにはどうすればよいですか？

Question

は

私はCanCanCanを使用して、私はこれを持って私のability.rbファイルにしています：私はquestionを所有していないユーザーに投票しようとすると、

def initialize(user) 
    alias_action :vote_up, :vote_down, to: :vote 

    user ||= User.new # guest user (not logged in) 
    if user.admin? 
     can :manage, :all 
    else 
     can :manage, Question, user_id: user.id 
     can :manage, Answer, user_id: user.id 
     can :manage, Job, user_id: user.id 
     can :manage, Company, user_id: user.id 
     can :read, :all 
     cannot :read, User do |u| 
     !u.eql?(user.id) 
     end 

     can :vote, [Question, Answer] 

    end 
end 

しかし、それはそれを拒否します。私はabc@test.comとしてログインしています。例えば

が、これは、ログが投票に次のようになります。正常であり、素晴らしい作品

Started POST "https://stackoverflow.com/questions/yet-another-hello-world/vote_up" for ::1 at 2016-06-14 23:45:13 -0500 
Processing by QuestionsController#vote_up as JS 
    Parameters: {"id"=>"yet-another-hello-world"} 
    User Load (2.4ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 1546], ["LIMIT", 1]] 
    Question Load (4.8ms) SELECT "questions".* FROM "questions" WHERE "questions"."user_id" = $1 AND "questions"."slug" = $2 ORDER BY "questions"."id" ASC LIMIT $3 [["user_id", 1546], ["slug", "yet-another-hello-world"], ["LIMIT", 1]] 
    Answer Load (1.4ms) SELECT "answers".* FROM "answers" WHERE "answers"."question_id" = 43 
    (1.3ms) SELECT COUNT(*) FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."voter_id" = $3 AND "votes"."vote_scope" IS NULL AND "votes"."voter_type" = $4 [["votable_id", 43], ["votable_type", "Question"], ["voter_id", 1546], ["voter_type", "User"]] 
    (0.7ms) BEGIN 
    SQL (3.8ms) INSERT INTO "votes" ("votable_type", "votable_id", "voter_type", "voter_id", "vote_flag", "vote_weight", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5, $6, $7, $8) RETURNING "id" [["votable_type", "Question"], ["votable_id", 43], ["voter_type", "User"], ["voter_id", 1546], ["vote_flag", true], ["vote_weight", 1], ["created_at", 2016-06-15 04:45:13 UTC], ["updated_at", 2016-06-15 04:45:13 UTC]] 
    (0.9ms) COMMIT 
    (1.3ms) SELECT COUNT(*) FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"]] 
    (1.4ms) SELECT COUNT(*) FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_flag" = $3 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"], ["vote_flag", true]] 
    (1.4ms) SELECT COUNT(*) FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_flag" = $3 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"], ["vote_flag", false]] 
    (1.6ms) SELECT SUM("votes"."vote_weight") FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_flag" = $3 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"], ["vote_flag", true]] 
    (1.5ms) SELECT SUM("votes"."vote_weight") FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_flag" = $3 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"], ["vote_flag", false]] 
    CACHE (0.0ms) SELECT SUM("votes"."vote_weight") FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_flag" = $3 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"], ["vote_flag", true]] 
    CACHE (0.0ms) SELECT SUM("votes"."vote_weight") FROM "votes" WHERE "votes"."votable_id" = $1 AND "votes"."votable_type" = $2 AND "votes"."vote_flag" = $3 AND "votes"."vote_scope" IS NULL [["votable_id", 43], ["votable_type", "Question"], ["vote_flag", false]] 
    (0.8ms) BEGIN 
    SQL (2.1ms) UPDATE "questions" SET "cached_votes_total" = $1, "cached_votes_up" = $2, "cached_votes_score" = $3, "cached_weighted_total" = $4, "cached_weighted_score" = $5, "updated_at" = $6 WHERE "questions"."id" = $7 [["cached_votes_total", 1], ["cached_votes_up", 1], ["cached_votes_score", 1], ["cached_weighted_total", 1], ["cached_weighted_score", 1], ["updated_at", 2016-06-15 04:45:13 UTC], ["id", 43]] 
    (1.5ms) COMMIT 
    Rendering questions/vote_up.js.erb 
    Rendered questions/vote_up.js.erb (1.3ms) 
Completed 200 OK in 69ms (Views: 14.8ms | ActiveRecord: 26.9ms) 

。

私は別のユーザーとしてログインすると、同じ質問をvote_upしようとする場合は、このログは、次のようになります。

Started POST "https://stackoverflow.com/questions/yet-another-hello-world/vote_up" for ::1 at 2016-06-14 23:46:40 -0500 
Processing by QuestionsController#vote_up as JS 
    Parameters: {"id"=>"yet-another-hello-world"} 
    User Load (2.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 1547], ["LIMIT", 1]] 
    Question Load (3.2ms) SELECT "questions".* FROM "questions" WHERE "questions"."user_id" = $1 AND "questions"."slug" = $2 ORDER BY "questions"."id" ASC LIMIT $3 [["user_id", 1547], ["slug", "yet-another-hello-world"], ["LIMIT", 1]] 
Completed 404 Not Found in 14ms (ActiveRecord: 5.3ms) 



ActiveRecord::RecordNotFound - ActiveRecord::RecordNotFound: 
    friendly_id (5.1.0) lib/friendly_id/finder_methods.rb:23:in `find' 
    app/controllers/questions_controller.rb:123:in `set_question' 

あなたが質問がでcurrent_userに属している場合、それはチェックしていることがわかります私のコントローラですが、ここで失敗します：

def set_question 
    @question = current_user.questions.includes(:answers).friendly.find(params[:id]) 
end 

思考？

Answer 1

@question = current_user.questions.includes(:answers).friendly.find(params[:id]) 

current_user質問を所有していないので、質問がquestion_idとuser_idの両方で見つかりませんでした、間違っていたところです。あなたは、クエリがログに何を見ることができる：

SELECT "質問" * "質問" "のuser_id" = $ 1、 "質問" "質問" より "スラッグ" = $ 2 ORDER BY。。。 "質問"。 "ID" ASCのLIMIT $ 3 [[ "user_idを"、1547]、[ "スラッグ"、 "まだ別の-こんにちは世界"]、[ "LIMIT"、1]]

質問の検索クエリを次のように変更してください：

@question = Question.includes(:answers).friendly.find(params[:id]) 

質問はすべて質問に投票できます彼/彼女が所有しています。