这是我的 PostersController！我只是想请人告诉我，怎样才能让它与“load_resource”一起工作。“authorize_resource”运行良好，但我需要改动什么才能让 load_resource 正常工作？我猜我需要在强参数（strong parameters）方面做些处理……谢谢
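# Scaffold-style CRUD controller for Poster records.
#
# Every action except +index+ requires a signed-in user via
# +authenticate_user!+ (presumably Devise; confirm against the app).
#
# NOTE(review): nothing in this listing restricts edit/update/destroy to the
# poster's owner. Unless an authorization layer is applied elsewhere, any
# signed-in user can change or delete any poster by id.
class PostersController < ApplicationController
  # Authentication runs before the record lookup. With the lookup first, an
  # anonymous request for a missing id raised RecordNotFound while an existing
  # id produced the login redirect, so record ids could be told apart without
  # signing in.
  before_action :authenticate_user!, except: :index
  before_action :set_poster, only: [:show, :edit, :update, :destroy]

  # GET /posters
  # GET /posters.json
  def index
    @posters = Poster.all
  end

  # GET /posters/1
  # GET /posters/1.json
  def show
  end

  # GET /posters/new
  def new
    @poster = Poster.new
  end

  # GET /posters/1/edit
  def edit
  end

  # POST /posters
  # POST /posters.json
  def create
    @poster = Poster.new(poster_params)
    # The owner comes from the session, never from the request: user_id is
    # deliberately absent from the permitted parameter list.
    @poster.user_id = current_user.id

    respond_to do |format|
      if @poster.save
        format.html { redirect_to @poster, notice: 'Poster was successfully created.' }
        format.json { render action: 'show', status: :created, location: @poster }
      else
        format.html { render action: 'new' }
        format.json { render json: @poster.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /posters/1
  # PATCH/PUT /posters/1.json
  def update
    respond_to do |format|
      if @poster.update(poster_params)
        format.html { redirect_to @poster, notice: 'Poster was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: 'edit' }
        format.json { render json: @poster.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /posters/1
  # DELETE /posters/1.json
  def destroy
    @poster.destroy
    respond_to do |format|
      format.html { redirect_to posters_url }
      format.json { head :no_content }
    end
  end

  private

  # Loads the record addressed by params[:id] for the member actions.
  # Poster.find raises ActiveRecord::RecordNotFound when no row matches.
  def set_poster
    @poster = Poster.find(params[:id])
  end

  # Strong-parameters allow-list for create and update.
  #
  # NOTE(review): :type is Active Record's default single-table-inheritance
  # column. If Poster uses STI, permitting it lets the client choose which
  # subclass is instantiated; confirm this is intended, or validate the value
  # against an allow-list of subclass names.
  def poster_params
    params.require(:poster).permit(:title, :body, :publish_date, :type)
  end
end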
答案 0 :(得分:1)
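# CanCan-backed variant of the posters controller: load_resource replaces the
# hand-written set_poster callback and authorize_resource enforces the ability
# rules on the loaded record.
class PostersController < ApplicationController
  # The question's controller required sign-in for everything except index;
  # that filter is kept here so anonymous requests are redirected to sign in
  # and create never dereferences a nil current_user.
  before_action :authenticate_user!, except: :index

  # create is excluded from load_resource so the record is built from
  # poster_params below. Depending on the CanCan version, the loader would
  # otherwise build it from raw params[:poster] and bypass the allow-list.
  load_resource except: :create
  # index is not authorized as a single resource. NOTE(review): CanCan's
  # loader is expected to scope @posters through accessible_by; confirm that
  # for the version in use.
  authorize_resource except: :index

  # @posters is set by load_resource.
  def index
  end

  # @poster is built by load_resource.
  def new
  end

  # @poster is found by load_resource and checked by authorize_resource.
  def edit
  end

  # POST /posters
  # POST /posters.json
  def create
    # Authorizing against the class only checks that the user may create
    # posters at all. NOTE(review): if the Ability restricts :create by
    # attribute (for example user_id), also authorize the built instance after
    # the owner has been assigned.
    authorize! :create, Poster
    @poster = Poster.new(poster_params)
    # Owner comes from the session; user_id is not a permitted parameter.
    @poster.user_id = current_user.id

    respond_to do |format|
      if @poster.save
        format.html { redirect_to @poster, notice: 'Poster was successfully created.' }
        format.json { render action: 'show', status: :created, location: @poster }
      else
        format.html { render action: 'new' }
        format.json { render json: @poster.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /posters/1
  # PATCH/PUT /posters/1.json
  def update
    respond_to do |format|
      # update replaces update_attributes, a deprecated alias that was removed
      # in Rails 6.1; the question's controller already calls update.
      if @poster.update(poster_params)
        format.html { redirect_to @poster, notice: 'Poster was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: 'edit' }
        format.json { render json: @poster.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /posters/1
  # DELETE /posters/1.json
  def destroy
    @poster.destroy
    respond_to do |format|
      format.html { redirect_to posters_url }
      format.json { head :no_content }
    end
  end

  private

  # Strong-parameters allow-list for create and update.
  #
  # NOTE(review): :type is Active Record's default single-table-inheritance
  # column. If Poster uses STI, permitting it lets the client choose which
  # subclass is instantiated; confirm this is intended, or validate the value
  # against an allow-list of subclass names.
  def poster_params
    params.require(:poster).permit(:title, :body, :publish_date, :type)
  end
end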