所以,我希望用户能够发表评论。目前,任何人都可以通过在名称字段中键入任意名称来发表评论。
但我想将评论与用户联系起来。因此,评论表单中不再需要名称字段,因为它将是用户名。
如何做到这一点?
我跟随Ryan Bates的直播,但他从未将评论与用户联系起来。
comments_controller.rb
class CommentsController < ApplicationController
before_action :set_comment, only: [:show, :edit, :update, :destroy]
def index
@comments = Comment.where("song_id IS NOT ?", nil)
end
def show
end
# GET /comments/new
def new
end
# GET /comments/1/edit
def edit
end
# POST /comments
# POST /comments.json
def create
@comment = Comment.new(comment_params)
respond_to do |format|
if @comment.save
format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully created.' }
format.json { render action: 'show', status: :created, location: @comment}
else
format.html { render action: 'new' }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /comments/1
# PATCH/PUT /comments/1.json
def update
respond_to do |format|
if @comment.update(comment_params)
format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
# DELETE /comments/1
# DELETE /comments/1.json
def destroy
@comment.destroy
redirect_to song_url(@comment.song_id)
end
private
# Use callbacks to share common setup or constraints between actions.
def set_comment
@comment = Comment.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def comment_params
params.require(:comment).permit(:song_id, :author_name, :site_url, :content, :user_id)
end
end
user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
has_many :songs
has_many :comments
acts_as_voter
end
comment.rb
class Comment < ActiveRecord::Base
belongs_to :user
belongs_to :song
end
评论#form.html.erb
<%= form_for @comment do |f| %>
<% if @comment.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(@comment.errors.count, "error") %> prohibited this comment from being saved:</h2>
<ul>
<% @comment.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<div id="comment_form">
<div class="field">
<%= f.hidden_field :song_id %>
<p>
<%= f.text_field :author_name, placeholder: "Name" %>
</p>
<p>
<%= f.text_area :content, :rows => '12', :cols => 35, placeholder: "Leave a comment..." %>
</p>
<p><%= f.submit "Submit" %></p>
<% end %>
<br /><br />
</div></div>
答案 0 :(得分:1)
如果Comment表尚未列出,则user_id表应该有一个名为user_id的列。然后,您可以分配current_user两种不同的方式。假设您使用<%= f.hidden_field :user_id, value: current_user.id %>方法。如果不这样做,则必须从您正在使用的会话存储或方法中填写user_id。
您可以在表单中创建一个hidden_field来分配它。
def create
@comment = Comment.new(comment_params)
@comment.user_id = current_user.id
respond_to do |format|
if @comment.save
format.html { redirect_to song_url(@comment.song_id), notice: 'Comment was successfully created.' }
format.json { render action: 'show', status: :created, location: @comment}
else
format.html { render action: 'new' }
format.json { render json: @comment.errors, status: :unprocessable_entity }
end
end
end
但正如@ rmagnum2002所述,这可能是一个安全问题,因为用户可以编辑它。
您可以在创建操作期间分配它:
{{1}}
在控制器创建动作中分配它可能是最好的。