如何允许 :correct_user 和 :admin_user 删除 before_action 的 post?
How to allow both :correct_user and :admin_user delete a post by before_action?
更新后是答案,但 rails 告诉我
nil:NilClass
的未定义方法“销毁”
我认为correct_user方法和admin_user方法都需要重写,Harts在这里使用的逻辑很奇怪
class MicropostsController < ApplicationController
before_action :logged_in_user, only: [:create, :destroy]
before_action :correct_user_or_admin_user, only: :destroy
def destroy
@micropost.destroy
flash[:success] = "Micropost deleted"
redirect_to request.referrer || root_url
end
private
def correct_user
@micropost = current_user.microposts.find_by(id: params[:id])
redirect_to root_url if @micropost.nil?
end
def admin_user
#i dont know how to write it
end
def correct_user_or_admin_user
correct_user || admin_user
end
结束
这是不可能的,因为 :corrent_user 和 :admin_user 只是 before_action 方法的符号参数。
您可以做的是:
before_action :load_micropost, only: :destroy
before_action :admin_or_author, only: :destroy
在您的控制器中使用以下方法:
private
def load_micropost
# renders 404 on production if not found
@micropost = Micropost.find(params[:id])
end
def admin_or_author
redirect_to(root_url) unless administrator? || authorship?
end
def administrator?
current_user.admin?
end
def authorship?
@micropost.user == current_user
end
更新后是答案,但 rails 告诉我
nil:NilClass
的未定义方法“销毁”我认为correct_user方法和admin_user方法都需要重写,Harts在这里使用的逻辑很奇怪
class MicropostsController < ApplicationController
before_action :logged_in_user, only: [:create, :destroy]
before_action :correct_user_or_admin_user, only: :destroy
def destroy
@micropost.destroy
flash[:success] = "Micropost deleted"
redirect_to request.referrer || root_url
end
private
def correct_user
@micropost = current_user.microposts.find_by(id: params[:id])
redirect_to root_url if @micropost.nil?
end
def admin_user
#i dont know how to write it
end
def correct_user_or_admin_user
correct_user || admin_user
end
结束
这是不可能的,因为 :corrent_user 和 :admin_user 只是 before_action 方法的符号参数。
您可以做的是:
before_action :load_micropost, only: :destroy
before_action :admin_or_author, only: :destroy
在您的控制器中使用以下方法:
private
def load_micropost
# renders 404 on production if not found
@micropost = Micropost.find(params[:id])
end
def admin_or_author
redirect_to(root_url) unless administrator? || authorship?
end
def administrator?
current_user.admin?
end
def authorship?
@micropost.user == current_user
end