[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-7697":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":16,"stars30d":17,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":18,"rankGlobal":10,"rankLanguage":10,"license":19,"archived":20,"fork":21,"defaultBranch":22,"hasWiki":20,"hasPages":21,"topics":23,"createdAt":10,"pushedAt":10,"updatedAt":24,"readmeContent":25,"aiSummary":26,"trendingCount":16,"starSnapshotCount":16,"syncStatus":14,"lastSyncTime":27,"discoverSource":28},7697,"cancan","ryanb\u002Fcancan","ryanb","Authorization Gem for Ruby on Rails.","",null,"Ruby",6213,772,2,200,0,1,39.66,"MIT License",true,false,"master",[],"2026-06-12 02:01:43","= Unmaintained\n\nThe CanCan gem is \u003Cb>no longer maintained\u003C\u002Fb>. Please use another authorization library such as CanCanCan[https:\u002F\u002Fgithub.com\u002FCanCanCommunity\u002Fcancancan] or Pundit[https:\u002F\u002Fgithub.com\u002Fvarvet\u002Fpundit].\n\n= CanCan\n{\u003Cimg src=\"https:\u002F\u002Ffury-badge.herokuapp.com\u002Frb\u002Fcancan.png\" alt=\"Gem Version\" \u002F>}[http:\u002F\u002Fbadge.fury.io\u002Frb\u002Fcancan]\n{\u003Cimg src=\"https:\u002F\u002Fsecure.travis-ci.org\u002Fryanb\u002Fcancan.png?branch=master\" \u002F>}[http:\u002F\u002Ftravis-ci.org\u002Fryanb\u002Fcancan]\n{\u003Cimg src=\"https:\u002F\u002Fcodeclimate.com\u002Fgithub\u002Fryanb\u002Fcancan.png\" \u002F>}[https:\u002F\u002Fcodeclimate.com\u002Fgithub\u002Fryanb\u002Fcancan]\n\nWiki[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki] | RDocs[http:\u002F\u002Frdoc.info\u002Fprojects\u002Fryanb\u002Fcancan] | Screencast[http:\u002F\u002Frailscasts.com\u002Fepisodes\u002F192-authorization-with-cancan]\n\nCanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the +Ability+ class) and not duplicated across controllers, views, and database queries.\n\n\n== Installation\n\nIn \u003Cb>Rails 3\u003C\u002Fb>, add this to your Gemfile and run the +bundle+ command.\n\n  gem \"cancan\"\n\nIn \u003Cb>Rails 2\u003C\u002Fb>, add this to your environment.rb file.\n\n  config.gem \"cancan\"\n\nAlternatively, you can install it as a plugin.\n\n  rails plugin install git:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan.git\n\n\n== Getting Started\n\nCanCan expects a +current_user+ method to exist in the controller. First, set up some authentication (such as Authlogic[https:\u002F\u002Fgithub.com\u002Fbinarylogic\u002Fauthlogic] or Devise[https:\u002F\u002Fgithub.com\u002Fplataformatec\u002Fdevise]). See {Changing Defaults}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002Fchanging-defaults] if you need different behavior.\n\n\n=== 1. Define Abilities\n\nUser permissions are defined in an +Ability+ class. CanCan 1.5 includes a Rails 3 generator for creating this class.\n\n  rails g cancan:ability\n\nIn Rails 2.3, just add a new class in `app\u002Fmodels\u002Fability.rb` with the following contents:\n\n  class Ability\n    include CanCan::Ability\n\n    def initialize(user)\n    end\n  end\n\nSee {Defining Abilities}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002Fdefining-abilities] for details.\n\n\n=== 2. Check Abilities & Authorization\n\nThe current user's permissions can then be checked using the \u003Ctt>can?\u003C\u002Ftt> and \u003Ctt>cannot?\u003C\u002Ftt> methods in the view and controller.\n\n  \u003C% if can? :update, @article %>\n    \u003C%= link_to \"Edit\", edit_article_path(@article) %>\n  \u003C% end %>\n\nSee {Checking Abilities}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002Fchecking-abilities] for more information\n\nThe \u003Ctt>authorize!\u003C\u002Ftt> method in the controller will raise an exception if the user is not able to perform the given action.\n\n  def show\n    @article = Article.find(params[:id])\n    authorize! :read, @article\n  end\n\nSetting this for every action can be tedious, therefore the +load_and_authorize_resource+ method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.\n\n  class ArticlesController \u003C ApplicationController\n    load_and_authorize_resource\n\n    def show\n      # @article is already loaded and authorized\n    end\n  end\n\nSee {Authorizing Controller Actions}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002Fauthorizing-controller-actions] for more information.\n\n\n=== 3. Handle Unauthorized Access\n\nIf the user authorization fails, a \u003Ctt>CanCan::AccessDenied\u003C\u002Ftt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.\n\n  class ApplicationController \u003C ActionController::Base\n    rescue_from CanCan::AccessDenied do |exception|\n      redirect_to root_url, :alert => exception.message\n    end\n  end\n\nSee {Exception Handling}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002Fexception-handling] for more information.\n\n\n=== 4. Lock It Down\n\nIf you want to ensure authorization happens on every action in your application, add +check_authorization+ to your ApplicationController.\n\n  class ApplicationController \u003C ActionController::Base\n    check_authorization\n  end\n\nThis will raise an exception if authorization is not performed in an action. If you want to skip this add +skip_authorization_check+ to a controller subclass. See {Ensure Authorization}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FEnsure-Authorization] for more information.\n\n\n== Wiki Docs\n\n* {Upgrading to 1.6}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FUpgrading-to-1.6]\n* {Defining Abilities}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FDefining-Abilities]\n* {Checking Abilities}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FChecking-Abilities]\n* {Authorizing Controller Actions}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FAuthorizing-Controller-Actions]\n* {Exception Handling}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FException-Handling]\n* {Changing Defaults}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki\u002FChanging-Defaults]\n* {See more}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki]\n\n\n== Questions or Problems?\n\nIf you have any issues with CanCan which you cannot find the solution to in the documentation[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fwiki], please add an {issue on GitHub}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fissues] or fork the project and send a pull request.\n\nTo get the specs running you should call +bundle+ and then +rake+. See the {spec\u002FREADME}[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fblob\u002Fmaster\u002Fspec\u002FREADME.rdoc] for more information.\n\n\n== Special Thanks\n\nCanCan was inspired by declarative_authorization[https:\u002F\u002Fgithub.com\u002Fstffn\u002Fdeclarative_authorization\u002F] and aegis[https:\u002F\u002Fgithub.com\u002Fmakandra\u002Faegis]. Also many thanks to the CanCan contributors[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fcontributors]. See the CHANGELOG[https:\u002F\u002Fgithub.com\u002Fryanb\u002Fcancan\u002Fblob\u002Fmaster\u002FCHANGELOG.rdoc] for the full list.\n","CanCan 是一个用于 Ruby on Rails 的授权库，用于限制特定用户对资源的访问权限。其核心功能是将所有权限定义在一个名为 Ability 的类中，避免了在控制器、视图和数据库查询中的重复代码。通过提供 can? 和 cannot? 方法以及 authorize! 方法，CanCan 支持细粒度的权限检查与强制执行，并且支持 RESTful 风格的资源控制器自动授权。尽管该项目已不再维护，但 CanCan 仍然适合需要简单易用的权限管理方案的 Rails 应用场景。对于新项目，建议考虑使用 CanCanCan 或 Pundit 等活跃维护的替代方案。","2026-06-11 03:13:50","top_language"]