我无法在permission.rb上解决此语法错误。它说它需要额外的“结束”,但是当我添加它时,Safari无法加载页面。我在这两个文件上尝试了几种不同的方法,似乎都没有。有什么想法吗?
错误:
SyntaxError in UsersController#new
/Users/lexi87/dating/app/controllers/application_controller.rb:20: syntax error, unexpected keyword_end, expecting end-of-input
Rails.root: /Users/lexi87/dating
Application Trace | Framework Trace | Full Trace
app/controllers/users_controller.rb:1:in `<top (required)>'
permission.rb(没有额外的'结束'):
class Permission < Struct.new(:user)
def allow?(controller, action)
if user.nil?
controller == "galleries" && action.in?(%w[index show])
elsif user.admin?
true
else
controller == "galleries" && action != "destroy"
end
end
application_controller:
class ApplicationController < ActionController::Base
protect_from_forgery
private
def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
helper_method :current_user
def current_permission
@current_permission || ::Permission.new(current_user)
end
end
def authorize
if !current_permission.allow?(params[:controller], params[:action])
redirect_to root_url, alert: "Not authorized."
end
end
end
更新
Here's my users_controller:
class UsersController < ApplicationController
before_filter :authorize
def new
@user = User.new
end
def profile
@profile = User.profile
end
def create
@user = User.new(params[:user])
if @user.save
UserMailer.registration_confirmation(@user).deliver
session[:user_id] = @user.id
redirect_to root_url, notice: "Thank you for signing up!"
else
render "new"
end
end
def show
@user = User.find(params[:id])
end
def edit
@user = User.find(params[:id])
end
def index
@users = User.all
end
def destroy
User.find(params[:id]).destroy
flash[:success] = "User deleted."
redirect_to users_url
end
def update
@user = User.find(params[:id])
if @user.update_attributes(params[:user])
flash[:success] = "Account updated"
redirect_to @user
authorize! :update, @user
else
render 'edit'
end
end
end
答案 0 :(得分:1)
看来你需要另外end的权限。\ n 和你需要在application_controller.rb中移动一个:
class ApplicationController < ActionController::Base
protect_from_forgery
private
def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
helper_method :current_user
def current_permission
@current_permission || ::Permission.new(current_user)
end
end # this shouldn't be here
def authorize
if !current_permission.allow?(params[:controller], params[:action])
redirect_to root_url, alert: "Not authorized."
end
end
# it should be here
答案 1 :(得分:0)
您无需关闭private关键字。
end之后
def current_permission
没有必要!
答案 2 :(得分:0)
<强> 1
您需要end
permission.rb
<强> 2
您不需要并且结束ApplicationController的私有部分。 private关键字下面的所有内容都被视为“私有”。所以你需要移动“授权”方法。
所以完整的代码是(将一个方法移动到“public”):
permission.rb:
class Permission < Struct.new(:user)
def allow?(controller, action)
if user.nil?
controller == "galleries" && action.in?(%w[index show])
elsif user.admin?
true
else
controller == "galleries" && action != "destroy"
end
end
end
application_controller:
class ApplicationController < ActionController::Base
protect_from_forgery
def authorize
if !current_permission.allow?(params[:controller], params[:action])
redirect_to root_url, alert: "Not authorized."
end
end
private
def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
helper_method :current_user
def current_permission
@current_permission || ::Permission.new(current_user)
end
end