before_filter:authenticate_user!,除了:[:index]/Rails 4
Min*_*ohn 21 authentication ruby-on-rails devise ruby-on-rails-4
我有一个Listings Controller(设计用户系统)和我刚刚使用的Rails 3
before_filter :authenticate_user!, except: [:index]
在查看特定列表之前检查用户是否已登录.
我的主页(索引)在底部显示了一个视图列表,用户可以看到它们,但是只要他点击一个查看它,他就会被重定向到登录页面.
这就是为什么在我的控制器中我而不是
Listing.new -> current_user.listings.new
在Rails 4中,事情似乎发生了变化,我无法找到正确的方法.
我搜索了一下,发现命令改为
before_action :authenticate_user!, :except => [:index]
访客现在可以查看索引,但如果他点击列表,他不会被重定向到登录页面,而是我收到此错误.
NoMethodError in ListingsController#show
undefined method `listings' for nil:NilClass
# Use callbacks to share common setup or constraints between actions.
def set_listing
@listing = current_user.listings.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
我的房源控制器
class ListingsController < ApplicationController
before_action :set_listing, only: [:show, :edit, :update, :destroy]
before_action :authenticate_user!, :except => [:index]
# GET /listings
# GET /listings.json
def index
@listings = Listing.order("created_at desc")
end
# GET /listings/1
# GET /listings/1.json
def show
end
# GET /listings/new
def new
@listing = current_user.listings.build
end
# GET /listings/1/edit
def edit
end
# POST /listings
# POST /listings.json
def create
@listing = current_user.listings.build(listing_params)
respond_to do |format|
if @listing.save
format.html { redirect_to @listing, notice: 'Listing was successfully created.' }
format.json { render action: 'show', status: :created, location: @listing }
else
format.html { render action: 'new' }
format.json { render json: @listing.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /listings/1
# PATCH/PUT /listings/1.json
def update
respond_to do |format|
if @listing.update(listing_params)
format.html { redirect_to @listing, notice: 'Listing was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: @listing.errors, status: :unprocessable_entity }
end
end
end
# DELETE /listings/1
# DELETE /listings/1.json
def destroy
@listing.destroy
respond_to do |format|
format.html { redirect_to listings_url }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_listing
@listing = current_user.listings.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def listing_params
params.require(:listing).permit(:title, :description, :image)
end
end
编辑:问题2
如果另一个登录用户尝试查看另一个用户创建的列表 - >
和日志
San*_*osh 27
authenticate_user之前打电话set_listing,所以current_user不是nil
before_action :authenticate_user!, :except => [:index]
before_action :set_listing, only: [:show, :edit, :update, :destroy]
试试这个,这将允许访客查看参数中提供的列表:
def set_listing
unless current_user
@listing = Listing.find(params[:id])
else
@listing = current_user.listings.find(params[:id])
end
end
更新:
您似乎希望按参数显示列表,而不是按current_user.如果是,那么请更新您的set_listing定义如下:
def set_listing
@listing = Listing.find(params[:id]) if params[:id]
end
| 归档时间: |
|
| 查看次数: |
57304 次 |
| 最近记录: |